Auth0 in 100 Seconds // And beyond with a Next.js Authentication Tutorial

Рет қаралды 435,634

2 жыл бұрын

Auth0 is Authentication-as-a-Service used to manage the front door to your application. It provides drop-in user auth solutions that look great on any frontend app, and integrate with any backend server. Try it 👉 bit.ly/3peoMQ4
Thanks to @JamesQQuick for going beyond 100 seconds! Subscribe to his awesome channel.
Disclaimer. This video contains a paid endorsement and was produced in collaboration with Auth0. I trust their product and have used it as a customer for many years .
#dev #code #100SecondsOfCode

Пікірлер: 260

@Fireship 2 жыл бұрын

I’ve used Auth0 in several projects and nothing comes close when you need advanced auth features. Here’s 7,000 free users to get started bit.ly/3peoMQ4

@ShashotoANur 2 жыл бұрын

There are no replies 😶

@tenslider6722 2 жыл бұрын

I have a stupid question, in case Auth0 servers are down for whatever reason, does that mean users for my app won't be able to login?

@zyansheep 2 жыл бұрын

@@tenslider6722 very astute observation. Better self-host...

@RamanandSingh 2 жыл бұрын

@cryptolicious3738 2 жыл бұрын

❓wait a sec, is this so big tech can know who is logging in and when to all your apps ❓ aint nothing free....

@merlijnvanlent 2 жыл бұрын

These beyond 100 seconds segments are always interesting. keep up the great work!

@ChrysusTV 2 жыл бұрын

Auth0 looks cool, but when I consider future scaling needs, it's quite expensive. Maybe something to consider once revenue can be predicted. For now I'm using Firebase Authentication (probably as a result of a video from this channel, but I don't remember).

@mooshy5944 2 жыл бұрын

This. If you're building a personal project and don't anticipate getting a lot of users Auth0 makes sense, if you're anticipating a lot more user sign ups I would suggest something like AWS Cognito or just building your own. Switching to another auth provider later is damn near impossible so choose wisely.

@ZephrymWOW 2 жыл бұрын

@@mooshy5944 switching auth providers is far from "damn near impossible". It is probably one of the easier migrations to do.

@TheBillionDollarSaaS 2 жыл бұрын

You can export from fire base and auth0 without a problem.

@mooshy5944 2 жыл бұрын

@@ZephrymWOW Okay so how do you export existing Auth0 users into lets say AWS Cognito? Passwords and all?

@unixbashscript9586 2 жыл бұрын

Cognito defintely supports import from csv

@aniketacharya512 2 жыл бұрын

The quality of these videos never ceases to amaze me.

@TheRonpe 2 жыл бұрын

I was hyped, until i checked their pricing.

@Exendes Жыл бұрын

Its free below 7k users

@pixelman457 Жыл бұрын

@@Exendes now, it's 1k

@edgarwideman737 Жыл бұрын

0.02 / month per user... It's not that bad.

@pixelman457 Жыл бұрын

@@edgarwideman737 lmaoo.. it is when you’re broke

@TomasDavidcz 11 ай бұрын

You’re not broke when you have thousands of users. Honestly I was quite surprised how good their pricing is.

@docmars 2 жыл бұрын

Not as user friendly to setup, but AWS Cognito is a great alternative, and free for the first 50,000 users. Worth doing a video on it as well for comparison!

@fredrickdenga7552 2 жыл бұрын

Wonderful, Jeff⚡🔥thanks for partnering with James Q Quick😎both of yall are real aces with these frameworks🏹

@dimalisovyk5277 2 жыл бұрын

I've used it for SSO. It works fine, when you need something simple, but for more complex stuff (e.g. custom claims) you need to implement rules, custom databases and so on. As a result, it is easier to implement simple identity server and customize it for your needs. Most of modern backend frameworks support login with Google and other plaforms (auth2.0, openId, saml)

@86hardluck 2 жыл бұрын

OMG Fireship and James Q. Quick in the same video at the same time?!! My brain just asploded! Two of my favorite techy teachers at once.

@babyboie20 2 жыл бұрын

Great collab! I generally watch both of y'all anyways, good to see you both in the same video.

@felipe3966 2 жыл бұрын

HA HAAAA!!! Just in time to improve my ongoing app, what a genious! Thank you so much guys!

@AkshatSinghania 2 жыл бұрын

you are making i wanted 3 months ago , thats so cool ,it would be so helpful anyone else needing these.

@Jujukungfu 2 жыл бұрын

Where were you with this like 2 days ago when I was trying to figure this out on my own lol. I jest, thanks for the great content! For free no less!

@Hobbitstomper 2 жыл бұрын

I find OAuth incresingly scary as an end-user. I use Google for most 3rd party websites to sign-up / login. Yet every week I read new horror stories how Google just mistakenly bans entire Google accounts. The sheer thought that my Google account would get banned for whatever reason, and me not being able to login into 100s of 3rd party website where I signed up via OAuth....scary as hell. And yes, I know this video is about Auth0 and not OAuth (different things). Just felt like sharing my thoughts on OAuth from an end-user perspective.

@ChrysusTV 2 жыл бұрын

I feel the same about using Facebook. However, I deliberately use Facebook instead of Google since if I ever lose my account for some reason, I don't also lose my entire email account. Most of the time, the sites keep your email stored and you can recover the account via email, which is only a problem if your email is also terminated (as it would be if your Google account was lost). And of course, I use my own domain for email so I can route mail to whichever provider I want.

@michaelb2047 2 жыл бұрын

@@ChrysusTV jeez how about not using a single service to manage all your data but maybe use password manager / hardware tokens / self hosted solutions instead. I see that SaS has its place, but I think authentication isn’t one of them. It should replace things that are you are not capable of hosting it yourself. Authentication is a solved problem and most frameworks make it very easy. I don’t know how trusting another company with all your user data, making yourself dependent and having to use an API is any better than using easy framework look ups from a database.

@ChrysusTV 2 жыл бұрын

@@michaelb2047 My KeePass has 372 entries but thanks for your paragraph of concern. I'll use what I want to use, yeah?

@kiandinyari3740 2 жыл бұрын

@@ChrysusTV I would recommend against this. I got my facebook hacked and took months to regain control. They have zero support or care to get you your access back. It fucked up my ability to access all sorts of apps like Spotify. I no longer trust any of these universal login things.

@Hobbitstomper 2 жыл бұрын

@@michaelb2047 The issue is, more and more websites don't offer their own login system anymore, they only offer logins via 3rd party OAuth of Google, Facebook, Twitter etc.

@chiefdan07 2 жыл бұрын

Woah this is perfect timing. Currently looking into several auth services.

@thisissyedbasim 2 жыл бұрын

I really wanted to learn this. You read my mind 🔥🔥

@lalitfauzdar3873 2 жыл бұрын

For basic auth, Firebase auth is way easier to implement and has a lot of features and for production, AWS Cognito (part of Amplify) is better and cheaper to go.

@TheStruders 2 жыл бұрын

Cognito is awful + it's not part of Amplify, it can be used with Amplify

@everenjohn 2 жыл бұрын

Yeah, stay married to those services.

@chiefdan07 2 жыл бұрын

Supabase auth is decent too

@lalitfauzdar3873 2 жыл бұрын

@@chiefdan07 Plus it's opensource. I've used it and I really liked the initiative and from some time, I've been a part of open source software and I'm in awe for such people who provide leading class software open-source.

@shreyanshmori7369 2 жыл бұрын

This is something I was looking for my site.

@wlockuz4467 2 жыл бұрын

You know what I love more than "...In 100 seconds"? ...In 100 seconds and beyond!

@krazymeanie 2 жыл бұрын

Auth0 is nice but i stick with next-auth that was built specifically with next js in mind. They also have built in support for prisma along with way more providers for free.

@chetanjain4616 2 жыл бұрын

Great video. Also, for your next one maybe you can do one for debugger with VScode its been long overdue

@Benjiman6th Жыл бұрын

I am novice. Was what you explained an SDK? And if so, are we to put the sample folder in our root directory?

@Ultrajuiced 2 жыл бұрын

Auth0 is very cool also as a straightforward solution for 3rd-party/social login.

@munashe_dev 2 жыл бұрын

You deserve a Grammy no cap

@chotai 2 жыл бұрын

Both of my favourite youtubers. OMG

@prashpatil24 2 жыл бұрын

Thanks both of you very knowledgeable

@abh1yan 2 жыл бұрын

Fireship is now beyond perfect.

@MarkEdwardTan 2 жыл бұрын

I think Auth0 is expensive and might be good if you have the budget when it scales. I'd rather have my own authentication/authorization using PassportJS :)

@michaelhays 2 жыл бұрын

Yeah I've never really understood the appeal of auth-as-a-service, when rolling your own is pretty easy

@ratulsaha9487 2 жыл бұрын

@@michaelhays i mean implementing oauth for so many providers is time consuming and too much code writing. People just look for the easy way out. And then we get this. Just one sdk, no need of your own api, easy to use.

@KGIV 2 жыл бұрын

Agree. It certainly has a place in larger organizations, especially when it comes to compliance needs.

@ZephrymWOW 2 жыл бұрын

@@ratulsaha9487 implementing JWT OAuth is like 10-100 lines of code lmao. Especially if you just use a library to handle it

@ratulsaha9487 2 жыл бұрын

@@ZephrymWOW thats email password login. I clearly stated that the lengthy part is the 3rd party providers like google, github, etc

@TrevorReimer 2 жыл бұрын

Would you consider a video about Ory? A open-source auth system with no vender lock-in.

@seanmccambridge 2 жыл бұрын

One criticism I’ve heard of Auth0 is that it’s pricey. How about a video that compares it side by side with Firebase auth and Cognito?

@michongoma7598 2 жыл бұрын

Nice to see James here.

@Viviko 2 жыл бұрын

So… basically, I’m now reliant on Auth0 for my own users. And if Auth0 decides to change their rules, I can get kicked out and eventually have to build my own OAuth2 service anyways?

@quasa0 2 жыл бұрын

Yeah and you'll have to pay a lot

@arifdevcoding 2 жыл бұрын

@@user-if1de8pt2j he meant policies. you know, that's google and google has some good reputation on suddenly shutting down services.

@Viviko 2 жыл бұрын

@@arifdevcoding Or if they decide not to support the types of apps I decide to make, restrict collecting certain types of data, etc…

@Viviko 2 жыл бұрын

@@quasa0 I mean, depending on your situation it might make sense. But, frankly, for really critical aspects of my apps, I like having control over them. Only for non-critical things or things that are too expensive to implement are what I like to rely on third parties for. For example, hosting services. It’s way too expensive to run my own servers and data centers. So, I’ll rely on AWS or GCP. Email is another example. It would just take too much work to build my own Email service. But, storing users and and authenticating them are kind of really critical. So, I prefer to implement that myself. Plus, it’s not too expensive when you look at the bigger picture.

@f1shyv1shy35 2 жыл бұрын

Never been so early to great content 😆

@HaozheYuda1989 2 жыл бұрын

auth0 is getting better and better

@idukpayealex 2 жыл бұрын

excited to see you james

@luizuk4 Жыл бұрын

Awesome content! Thanks!

@BlackdestinyXX 2 жыл бұрын

Good job! I really like these type of videos

@IngwiePhoenix 2 жыл бұрын

A few questions, and I am just being a little curious here: - Can I embed the login form into my website itself, or is the redirect required? I'd guess I can just POST to the auth0 URL as well, but just making sure. - Is there a hook for account deleting? i.e.: If you wrote a forum with auth0, you'd want to mark an account as deleted once that happens. - How much information can auth0 store, exactly? The profile showcased had minimal information. Is this all or would it be outright better to create a DB entry with a foreign key pointing at the remote profile entry to link the local profile with the remote account? Thanks!

@keooodev7554 2 жыл бұрын

you can add metadata to the accounts. using the authO managment API

@bringbackwindowsphone 2 жыл бұрын

Yeah there's a hook for that. You can embed the form yourself using their APIs but it's much more work recreating all of the two factor flows and stuff compared to just using their excellent premade ones.

@Ultrajuiced 2 жыл бұрын

The redirect is required, you can only have a custom domain. If there is another solution, tell me. ;)

@ChrysusTV 2 жыл бұрын

@@Ultrajuiced Auth0 Lock...

@ZeroYT 2 жыл бұрын

You have to pay for almost all good features. Magic email links for example..

@lucasgazzola 2 жыл бұрын

From 🇦🇷 🇦🇷 to the world

@koodingfloppa39 2 жыл бұрын

I like how he predicts the interests of his audience right when they want to learn that type of thing

@SuperElephant 2 жыл бұрын

I can confirm that the mind reading business is no joke. I'm now experiencing that and truly believing in it..

@ThisGuyEdits24 2 ай бұрын

Me: Neat a 100 second video Video: 503 seconds Me: Hyped About Auth0 Auth0: Money Me: Checking pricing, then opens funeral and then goes inside.

@rwlc 2 жыл бұрын

Used Auth0 with my recent Next project, and I fucking loved it.

@srinathganesh6985 2 жыл бұрын

What about Keycloak? its Open Source but you host it yourself

@DK-ox7ze 2 жыл бұрын

This is really nice. But I wonder how much different is the security part of login mechanism vs the security of other parts of the app? Given that auth0 is only going to secure the login, the devs still need to implement security in other parts of the app (which is basically most of the app). So if they are building good security mechanisms for other parts of the app, they should be capable of securely building the login part too?

@ChrysusTV 2 жыл бұрын

That's not necessarily true. Many of the authentication systems (Auth0, Firebase, etc.) allow roles, which are what you'd use throughout your app to control access after the login stage. Obviously, if you're not using roles, then sure you have to build your own access control. Otherwise, the roles are in the JWT, so then your concern would be whether JWT is secure or not, not if these authentication systems are useful. And roles can be used inherently in other parts of a backend depending on the provider -- for example, Firestore can use your authentication roles to restrict access to documents.

@priyankamurmu6228 7 ай бұрын

What's the theme used here in vs code? Breathing cursor looks amazing

@kraskaska 2 жыл бұрын

that's just what i needed, great work!

@dongums 2 жыл бұрын

I hope firebase also has easier server side auth workflow. it's hard to implement server side auth using firebase admin

@ryann1826 2 жыл бұрын

We want a video about PHP / laravel .. Or compare them to node.js ..

@emaxix7 2 жыл бұрын

Any idea which extension/tool adds the terminal intellisense at 5:00?

@copperbeckville1853 Жыл бұрын

Auth0 is a terrifying Orwellian piece of software.

@mrrishiraj88 2 жыл бұрын

Great content always

@CANIHAZURDREAMSPLS 6 ай бұрын

how does Auth0 handle other logins from other users or does this handle that as well and no need separate api keys?

@artrix909 2 жыл бұрын

jeff always posts just on time

@YanickSteinbeck 2 жыл бұрын

Currently using auth0 and struggling with token expiry: Auth0 does not seem to let me set an expiry that's greater than 90 days. Has anybody solved this before? PS: I am aware of security concerns - but it's fine for my use case

@unpunished123 2 жыл бұрын

Love you from Bangladesh

@rahulpadalkar6237 2 жыл бұрын

This is great but the real question is what's in `jqq-meme` folder? jk, great vid.

@GlenBondMogane 2 жыл бұрын

The beast inviting coolest dude

@codecrafter_4046 2 жыл бұрын

That's what I'm waiting for, thanks :)

@dawid_dahl 2 жыл бұрын

Does anybody know the name of his vscode folder-icon plug-in?

@piecepaper2831 2 жыл бұрын

your 1 week late. i implemeted auth0 and this vodeo would have helped alot

@teckyify 2 жыл бұрын

You can have that with keycloak

@AB-ub9nd 2 жыл бұрын

It’s too expensive. Amazon cognito is cheaper and while maybe the api is a bit backwards it works great.

@nosthrillz 2 жыл бұрын

Hi James! 🤩

@HendersonHarrisson Жыл бұрын

What about Azure Active directory, and how does Auth0 compare with it.

@keooodev7554 2 жыл бұрын

I wish you added how to use the managment api with NEXT JS I find it a struggle

@Gabouchet 2 жыл бұрын

Can your compare Auth0 to Cognito from aws ?

@anupamdahal7029 2 жыл бұрын

Os tutorial with Rust 🤗🔥🔥

@khakcsar 2 жыл бұрын

Finally I can stop hyperlinking the login button to next page.

@okmiedga 9 ай бұрын

Anyone else having a lot of trouble getting the sample project up and running? The issue is with the javascript nullish coalescing operator.

@jcjiron 9 ай бұрын

Thank you thank you thank you!

@manfyegoh 2 жыл бұрын

any firebase auth vs auth0 video coming soon?

@himanshu-negi 2 жыл бұрын

6:13 how is that cursor !

@saulramirez727 2 жыл бұрын

Thank you so much

@ninjaasmoke 2 жыл бұрын

"this has been auth0 in 100 seconds, but stay tuned.." instant like achieved

@ChumX100 2 жыл бұрын

Cloudflare workers in 100 seconds!

@tapu_ 2 жыл бұрын

But can it authorize dn?

@fmailscammer 2 жыл бұрын

I literally just started a website and was using auth0 yesterday, how do you read my mind?

@bity-bite 2 жыл бұрын

Never heard of Auth0, nice. What about C# in 100 seconds please 🥺

@guddetiajaymanikanta 2 жыл бұрын

Great !!

@joachim4660 Жыл бұрын

passport.js in 100 seconds would be nice

@syedumararfeen8146 2 жыл бұрын

Thanks 👍

@MiaKaiser-c5y Жыл бұрын

0:51 I'd never be able to log back in again if i use this🤣🤣

@prajyotmayekar328 2 жыл бұрын

Woooo 🙌🏻

@olorunfemidaramola5470 4 ай бұрын

The access token I get from auth0 is invalid, I don’t know to fix that, cos it cannot be decoded

@armaanchoudhary 2 жыл бұрын

And I thought he did a face reveal xD (hover over the vid to see preview)

@danielchukwu524 8 ай бұрын

Perfect 👍👍

@hos7012 2 жыл бұрын

Awesome

@tacomixen 2 жыл бұрын

Nice!

@richardebrain 2 жыл бұрын

deploying to vercel kinda give me problem , it trows an error when i try to login , it says access denied .. any solution to this

@HiImKyle Жыл бұрын

It's just too expensive in the long run imo, I need this but a self hosted version

@coconutz4535 2 жыл бұрын

What is the vscode theme that james use?

@majidraimi Жыл бұрын

did u found it ?

@Manish_._369 Ай бұрын

tell us bro

@ankushbhagatofficial 4 күн бұрын

5:00 How you get this suggestion on integrated terminal?

@bipinmaharjan4090 2 жыл бұрын

Difference between passport and auth0??

@eugenmeissner9510 2 жыл бұрын

Cool stuff but why would i use auth0 if i'm already invested in a cloud provider?

@Miwo99 2 жыл бұрын

100 seconds of OAtuh / OpenID Connect, pleeease!!!

@sonmangaking 2 жыл бұрын

Perfect

@samuelbento4587 2 жыл бұрын

Looking forward for the beyond 100 sec.

@arsenidziamidchyk2972 2 жыл бұрын

Was I the one who wanted to hide message pop up 😆