SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

<@!393895326332747776> , we made the following changes to the example repo to get sub domains to work (on chrome and firefox):
- Using NextCors in all API routes (as stated above) - the `origin` list should contain `https://offscript.io` and `https://my.offscript.io`. Also make sure that you have set `credentials: true`
- Making sure that the webapp is querying `https://offscript.io/api/*` as opposed to `/api/*` - so that requests from `https://my.offscript.io` go to `https://offscript.io/api/*` (since the session cookies are attached to `https://offscript.io`.
- setting `websiteDomain` to be `https://offscript.io` always.
- Adding `sessionScope` to be `.offscript.io` in the backend config for Session.init
- Not using functions like `getserversideprops` that do session auth when the domain is `my.offscript.io` - cause  session cookies won't be sent to `https://my.offscript.io`, since they are attached to `https://offscript.io`