https://supertokens.com/ logo
Join Discord
Powered by
Good morning everyone, I am in dire need
# general
m
Good morning everyone, I am in dire need of easy to implement, standalone auth solution that would support multiple apps in my ecosystem (4 client apps, next.js + API on node). We initially planned to use Supabase Auth, but since it doesn't work well in isolation (it's based on Netllify's GoTrue, repo looks outdated), docs are poor, and it's heavily wired to Supabase features we don't use atm but their js clients require them, we are looking for a replacement. We can't go with paid solutions like Auth0 or similar, since it will be too expensive (~200k community). Can you tell me what is your experience running SuperTokens in ecosystem similar to ours, and if it will be a good bet? I need to demo this next week đŸ«  , so ideally I would like to spin up some sort of identiy service within a container, configure clients, connect it with my apps, and focus on the actual user features. Do you think super tokens will be a good fit in such a scenario? After skimming the docs and youtube channels it looks promising, but yeah... lots of tools look promising at first glance until you try to actually use it. Quick responses greatly appreciated 🙏
k
Welcome @MikoƂaj (Meek-Oh-Why), you in the right place. Let me help you get more eyes on this. @User
m
To give a bit more overview, we are looking for email + magic links, and Github as well Google oAuth to start with. Client apps overview: - retool admin panel - app 1: read only, public tutorials and articles for our community. They only auth functionality required is to show the user widget in the nav bar - app 2: identity application, this is where you create and manage your identity (login, registration, edit user) - app 3: community application, protected area, place where you can take part in AI hackathons. For this application we need to implement RBAC with composite based access on the hackathon level, since a User can perform multiple roles within a single event: Mentor, Judge, Participant, and if participant user can be Team Owner/Manager/Member
p
Hi, a quick clarification question: would all of these be hosted on the same top level domain? (e.g.: app1.example.com, admin.example.com + example.com)
if all of these share the same user pool (and maybe use the UserRoles recipe for distinguishing admins) and they can share the session ST should be very quick to set up and use.
plus in this case you'd use no paid features so it could be free if self-hosted. (or if under 5K monthly active users)
m
retool admin will run on it's own domain, others will share the same domain. The user pool will consist only of the Users with scope level access depending on their role within the event. When it comes to Admin users we assume that if you have access to retool, you are an admin, and we have a dedicated, fully separate admin API with a token protection, so I guess we can keep admins out of the equation for now. I included the retool only to give you the full overview how things are set atm
The user privileges will look more or less like that: 1. you create an account -> User 2. if you enroll to the event -> User + Participant (within specific event) 3. if you get invite as a Judge -> User + Judge (within specific event) 4. if you get invite as a Mentor -> User + Mentor (within specific event)
n
Hey Mikolaj, thanks for reaching out! We can definitely arrange for a demo this week, before then id love to hop on a quick call to understand a bit more about your use case so we can put together a custom demo for you. Are you free to chat tomorrow or Wednesday at 8am Pacific Time?
If so, drop me the best email that i should send a meeting invite to
m
let me sync with my infra leader
more details in DM
4 Views
PreviousNext
Powered by