Everything About SuperTokens – an Open Source Alternative to Auth0, Firebase Auth, and AWS Cognito.

Authentication and authorization are costly for organizations in terms of their security budget, and they are a main concern for every company and software developer. If you’re a developer or founder, you spend a lot of time building a solid security system for your applications.

You spend days creating a Login and Sign Up page for the product.

And after that, your work is still not done.

You need:

  • Social logins
  • Forgot password flow
  • Session management
  • Email verification
  • User management
  • Two Factor Authentication and some business features.

All this needs to be done before you even launch your product. It looks easy, but it isn’t always.

You will spend a good amount of time and planning setting this up for your application.

So, what if I tell you I found an awesome open-source platform to the rescue, i.e. “SuperTokens”?

SuperTokens, an open-source user auth solution, helps development teams operate more efficiently. By offering seamless solutions for secure user authentication, SuperTokens enables developers to focus on what truly matters – crafting exceptional user experiences. With SuperTokens in your toolkit, you can wave goodbye to authentication headaches and confidently steer towards code integrity and user trust.


I built an e-commerce app using “SuperTokens” and “Hasura GraphQL” last year for a side project. I must say it’s a great open-source “user auth”: quick to implement and easy to customize.

– Sign-in/Sign-up with email ID & password
– Secure session management
– Email verification
– Social logins

Build a Secure E-Commerce App with SuperTokens and Hasura GraphQL


Why SuperTokens is Good User Authentication

  • Easy to set up.
  • It was quick to implement auth, and I am loving it!
  • It uses cookies that contain an access token that expires and must be refreshed with a refresh token.

SuperTokens also provides a more end-to-end solution that allows you to easily implement features like syncing session data across many devices, or restricting how many devices a user can be logged in with.

It enables you to keep your users logged in for a long time in the most secure way possible.
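The expiring access token and refresh token described above can be modelled in a few lines of Node.js. This is an added example, not SuperTokens' own code and not part of the original post; the token format, the 60-second lifetime, all function names, and rotating the refresh token on each use (revoking the session on replay) are assumptions of this sketch that go beyond what the post states.

```javascript
const crypto = require("crypto");

const SECRET = crypto.randomBytes(32);   // constructed signing key for this demo
const ACCESS_TTL_MS = 60_000;            // hypothetical access-token lifetime
const sessions = new Map();              // handle -> { userId, refreshHash }

const sign = (body) => crypto.createHmac("sha256", SECRET).update(body).digest("base64url");
const sha256 = (s) => crypto.createHash("sha256").update(s).digest("hex");
const newRefreshToken = () => crypto.randomBytes(32).toString("base64url");

// Access token: base64url(JSON claims) + "." + HMAC over the claims
function issueAccessToken(handle, userId, now) {
  const claims = { handle, userId, exp: now + ACCESS_TTL_MS };
  const body = Buffer.from(JSON.stringify(claims)).toString("base64url");
  return `${body}.${sign(body)}`;
}

function createSession(userId, now) {
  const handle = crypto.randomUUID();
  const refreshToken = newRefreshToken();
  sessions.set(handle, { userId, refreshHash: sha256(refreshToken) }); // store only the hash
  return { handle, accessToken: issueAccessToken(handle, userId, now), refreshToken };
}

function verifyAccessToken(token, now) {
  const [body = "", mac = ""] = String(token).split(".");
  const a = Buffer.from(mac), b = Buffer.from(sign(body));
  if (a.length !== b.length || !crypto.timingSafeEqual(a, b)) return { status: "INVALID" };
  const claims = JSON.parse(Buffer.from(body, "base64url").toString());
  if (!sessions.has(claims.handle)) return { status: "INVALID" }; // signed out or revoked
  if (now >= claims.exp) return { status: "EXPIRED" };            // client should refresh
  return { status: "OK", userId: claims.userId };
}

function refreshSession(handle, refreshToken, now) {
  const s = sessions.get(handle);
  if (!s) return null;
  if (s.refreshHash !== sha256(String(refreshToken))) {
    sessions.delete(handle); // stale or replayed refresh token: revoke the whole session
    return null;
  }
  const next = newRefreshToken();
  s.refreshHash = sha256(next); // rotate: the old refresh token stops working
  return { accessToken: issueAccessToken(handle, s.userId, now), refreshToken: next };
}

const signOut = (handle) => sessions.delete(handle);
```

In a browser deployment both tokens would travel in cookies marked `HttpOnly` and `Secure`, so page scripts cannot read them.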


1- Quickly Set up Authentication in Your App

Implement social and email password login using SuperTokens.

A tutorial to implement SuperTokens in ReactJS and NodeJS app.


🔗 Implement social and email password login using SuperTokens

In this demo you will learn:

  • Showing the login UI
  • Routing
  • Protecting a website route
  • Fetching user information on the frontend
  • Session management and signout.

2- SuperTokens is Open Source User Authentication

  • Open source: SuperTokens can be used for free, forever, with no limits on the number of users.
  • An on-premises deployment so that you control 100% of your user data, using your own database.
  • An end-to-end solution with login, sign-ups, user and session management, without all the complexities of OAuth protocols.
  • Ease of implementation and higher security.
  • Extensibility: Anyone can contribute and make SuperTokens better!

Check out the GitHub repo, which has recently surpassed 10,000 stars.


3- Getting Started / Recipes by SuperTokens

1- ThirdPartyEmailPassword

Features:

  • Sign-up / Sign-in with email ID and password
  • Sign-up / Sign-in with third-party providers (e.g., Google, Facebook)
  • Forgot password flow using email
  • Secure session management
  • Email verification

You can have a look at the demo app created for this recipe > Link

Check out the source code for the demo app

2- OnlyEmailPassword:

  • Sign-up / Sign-in with email ID and password
  • Forgot password flow using email
  • Secure session management
  • Email verification

You can have a look at the demo app created for this recipe > Link

Check out the source code for the demo app

3- OnlySocialLogin:

  • Sign-up / Sign-in with third-party providers
  • Secure session management
  • Email verification

You can have a look at the demo app created for this recipe > Link

Check out the source code for the demo app


4- Supported Technology Stack by SuperTokens

Backend Implementation

  • NodeJS
  • GoLang
  • Python (FastAPI, Django, Flask)

Frontend Implementation

  • ReactJS: They support all current functionality (signup, manage auth tokens, social login, etc).
  • Partial support – Vanilla JS, Angular, Vue and React Native: They provide session management only and you would have to build the frontend UI for login.

5- How SuperTokens work

SuperTokens has three main components:
  • Frontend SDK: Responsible for rendering the login UI widgets and managing session tokens automatically.
  • Backend SDK: Provides APIs for sign-up, sign-in, signout, session refreshing, etc. Your front end will talk to these APIs.
  • SuperTokens Core: This is an HTTP service that contains the core logic for auth. It’s responsible for interfacing with the database and is used by the backend SDK for operations that require the DB.

[Figure: SuperTokens architecture and SDKs]

For example: Sign in / Sign out flow:

You can see how the three components interact for the sign-in and sign-out flow (with email and password).

[Figure: session verification and refreshing flow]

That was it for this blog.

I hope you learned something new today. If you did, please like/share so that it reaches others as well.

If you’re a regular reader, thank you, you’re a big part of the reason I’ve been able to share my life/career experiences with you.


Stay in Touch

Connect with me on Twitter

If you like this, I encourage you all to sign up for my newsletter. It’s free.

Check out all the old editions here- Newsletter by Ankur
