undefined | Better HN

0 pointsipaddr4y ago0 comments

Rolling his own doesn't mean custom algos. It means he will use the buildin language functions and/or external packages for that functionality while manually piping all of the pieces together.

He is not asking for trouble..

0 comments

2 comments · 1 top-level

Cicero224y ago· 1 in thread

While you can definitely manually pipe all of the pieces together and have a functioning system, it's significantly easier, and likely more secure, to use the battle-tested auth library of a framework.

One could also use the builtin language functionality and external packages to write custom crypto, and I think we'd both agree that that's a bad idea. I'd argue that it's the same for authentication in general.

ipaddrOP4y ago

I understand that point of view and I agree for the majority of projects but relying on a fully working system that is coupled to some structure can be limiting if you need to make something slightly different.

I see a frameworks like laraval as the middle path where you can rely on the framework to handle auth but also can make any changes you may need.

j / k navigate · click thread line to collapse