
282 points bundie | 7 comments
jtms ◴[] No.44383929[source]
"Better Auth’s pitch is simple: Let developers implement everything from simple authentication flows to enterprise-grade systems directly on their databases and embed it all on the back end."

It's absolutely bonkers to me that web development has gotten to a point where this is a novel pitch. Up until not that long ago, ALL auth was done directly in your own database and embedded in your own backend. Am I missing something?

replies(6): >>44384028 #>>44384484 #>>44384540 #>>44384697 #>>44385855 #>>44387250 #
1. figassis ◴[] No.44384697[source]
This is a market created by the supabases and its no-code cousins. I frankly always considered auth so simple and fundamental, with best practices so well known, that I never saw the need to use a SaaS for user auth. I guess if you want to offer all the auth methods, this library is useful and saves a lot of time.
replies(4): >>44384810 #>>44384829 #>>44384865 #>>44384925 #
2. simultsop ◴[] No.44384810[source]
You mean that for toying, personal use or hobby projects, right? Otherwise people get jaw drops or facepalms.
3. sc0rpil ◴[] No.44384829[source]
Absolutely wild take. Auth is most definitely not simple, nor are best practices well known, based on the number of auth-related vulnerabilities published.
replies(1): >>44388407 #
4. ◴[] No.44384865[source]
5. shreezus ◴[] No.44384925[source]
As someone who has been at a company where, for various reasons, we decided to "roll our own auth", I would have to disagree here. Don't reinvent the wheel if you can avoid doing so.
replies(1): >>44398510 #
6. TheCapeGreek ◴[] No.44388407[source]
I guess everyone outside of the JS ecosystem, that has auth baked into the framework for decades, is just doing it wrong and riddled with hackers in their systems?
7. jtms ◴[] No.44398510[source]
I would never suggest "roll your own", but every web framework I have ever used generally has a library that is the go-to, battle-tested auth implementation and just requires adding a few columns and/or tables to your database.