BlueAuth: Open-source passwordless and serverless auth. No databases needed
github.comFor the skeptical, "no database needed" really means "database-agnostic".
From the example code:
> In this example our users are in this array, but in the real world you likely have them stored in an API service or DB
hmm, yes, I guess at some level user data is stored in a database somewhere.
What is trying to be communicated here is you don't need to connect to a database at all. You can use an API, something in memory, etc. The library doesn't have to connect to a DB.
For example, I use Hasura a lot (a GraphQL wrapper around postgres), and this library works perfect with that, since blueauth can just do API calls.
But yes, even in that scenario it is Hasura that is communicating with a database but not blueauth.
Basically blueauth can interface with anything you can write in javascript (any type of DB, interface, etc)
If you're using Hasura, why not use built-in Postgres user auth?
A few reasons, but one of the primary ones is there needed to be a way to securely store the session or identity of the user on the client side. There are a few ways of doing this on the client; storing it in memory, using browser web storage, etc. But the most secure way (for users using a browser) is storing the data securely in a HTTP only cookie, and it's this aspect of the responsibilities that this library looks to handle.