Why Custom Build Auth?

After a couple of decades of writing code and studying 30+ CMS/Frameworks & Enterprise Auth providers we concluded that all the Authentication/Authorization systems are still way too complex and required far too many steps.

Rather than lock ourselves into something complex and then be stuck with slow/no progress, we decided to build something from scratch that would allow us to move much faster in the long run.

We have documented all the steps taken in creating our auth system. The code is well tested and maintained so anyone can read how it all works.

The Best Way to Understand Something is to Build It!

We encourage anyone interested in understanding how things work behind the scenes to read through the auth chapters. We've attempted to include all the steps we took so that anyone can grok it.

However we know this is not the most exciting part of the application stack. If you prefer to skip the auth section entirely, you can just use it and treat it as a "service" that "Just Works^TM" and only refer to specific parts when needed.

Why Re-build Auth?

We learned a lot from building our first version of auth in Elixir. Our "Version 1" has been working in production for several years and thousands of people have used it successfully. The UI/UX for the "end-user" is fine; it's fast and already does what we need. We aren't going to change what the person using auth see very much in the next iteration. What is not fine is the maintainability and thus extensibility of the project. We recently saw this when we tried to add a new feature to auth, but we saw Ecto constraint errors.