Skip to content
Sign upLog in
← Back to Community

Auth system

Profile icon
VulcanWMHacker

I have my own signup and login system and I’m going to be using the same login system in several of my projects and I don’t want to the repeat the same code again (and MongoDB only lets me connect my cluster from 5 different places).
So I’ve decided to make an auth system (something like Repl Auth).
But I don’t know how to make something like that especially I’ve stored all my data using Python, and I’m scared that if others use it they might find out other user’s usernames and passwords.
Do you think I should make an app route in a flask app with the username and password (something like /login//) and add a function which tells if the username and password is correct or not? Or should I do something else? If I should do something else, what should I do?
Thanks

Answered by techpixel [earned 5 cycles]
View Answer
Voters
Profile icon
VulcanWM
Comments
hotnewtop
Profile icon
techpixel

Tips:

  • POST request with an SSL certificate allows encrypted data to pass from browser to server.

  • Hash your passwords.

Profile icon
VulcanWM

I’ve done the password hashing bu what do you mean by the first point?

@HarperframeInc

Profile icon
techpixel

@VulcanWM
Here.

Profile icon
VulcanWM

Thanks I’ll try it out

@HarperframeInc

Profile icon
RoBlockHead

I'd suggest using a system such as OAuth2 or ReplAuth as opposed to implementing a custom auth system. If you get one thing wrong with a custom system, everything will be compromised. I like the GitHub OAuth2 system because it is relatively easy to use.

Profile icon
VulcanWM

I’m just using this myself it’s not for other people to use

@RoBlockHead