• auth0 is a commercial thing, and it's fairly heavy as well as pricey.

    The cost:

    That's basically not far from the cost of our web servers for all sites. So it's definitely expensive.

    However, they have a free plan if the number of "active users" is below 7k in a month... and so I figure that I can make each site owner register their own auth0 account, and this spreads the load, whilst leaving the site owners fully in control of their user lists, and it means it's free.

    But the second issue... the minified JavaScript is over 600KB. That's more than half a meg, for JS just to sign in.

    That's crazy.

    But hey, this all works, so it's a good plan B.

    Ah... plan B.

    Because Portier is still Plan A. I've configured auth0 to do what Portier will do, auth against Google and Microsoft, or send a code to your email.

    Portier is free, and there's no need to make it have a 600KB JS file.

    So Portier is behind schedule but free, and should work identically to the way auth0 is working (or near enough to not make a difference).

    Portier is in fact the preferred option as:

    • it is free
    • it is open source
    • it can be self-hosted
    • it will be lighter and quicker

    But the Plan B means:

    • I definitely have something in the bag for when Persona shuts
    • Sites like the Rapha Cycling Club can opt to integrate their auth0 into their real user database (sign into the shop, be automatically signed into the forum)
    • Sites that want it can opt to use auth0 instead of Portier (if they have low enough usage to be free or are cool with the cost)

    Basically... options, this gives us options.

  • They only ship a single JS file that is capable of doing both a traditional web app and a single page JS app. The latter is the first part of the issue.

    Then it is possible to configure an auth0 app to use lots of different authentication providers... as an idea from the JS:

    var STRATEGIES = exports.STRATEGIES = {
      "amazon": "Amazon",
      "aol": "Aol",
      "baidu": "百度",
      "box": "Box",
      "dwolla": "Dwolla",
      "ebay": "ebay",
      "exact": "Exact",
      "facebook": "Facebook",
      "fitbit": "Fitbit",
      "github": "GitHub",
      "google-openid": "Google OpenId",
      "google-oauth2": "Google",
      "instagram": "Instagram",
      "linkedin": "LinkedIn",
      "miicard": "miiCard",
      "paypal": "PayPal",
      "planningcenter": "Planning Center",
      "renren": "人人",
      "salesforce": "Salesforce",
      "salesforce-community": "Salesforce Community",
      "salesforce-sandbox": "Salesforce (sandbox)",
      "shopify": "Shopify",
      "soundcloud": "Soundcloud",
      "thecity": "The City",
      "thecity-sandbox": "The City (sandbox)",
      "thirtysevensignals": "37 Signals",
      "twitter": "Twitter",
      "vkontakte": "vKontakte",
      "windowslive": "Microsoft Account",
      "wordpress": "Wordpress",
      "yahoo": "Yahoo!",
      "yammer": "Yammer",
      "yandex": "Yandex",
      "weibo": "新浪微博"
    };
    

    When you combine both "all the JS for a single page web app (in something like React)" with "all the JS to talk to all these social providers" whilst then having "all the JS to render the UI"... one ends up with a huge JavaScript file.

About

Avatar for Howard @Howard started