#038 - I Got Caught Rolling my Own Auth... feat. Dev Agrawal
Backend Banter
Shownotes Transcript
Lane chats with Dev Agrawal— content creator & Developer Advocate at Clerk! Tune in as they discuss DevRel, authentication vs. authorization, JWT, and so much more in this episode.
Learn back-end development - https://boot.devListen on your favorite podcast player: https://www.backendbanter.fm
Dev's Twitter: https://twitter.com/devagrawal09Dev's Youtube: https://www.youtube.com/@devagr
(00:00) - Introduction
(00:50) - Is Dev's name really Dev?
(02:10) - What is it about writing code that scares Dev?
(02:50) - JavaScript is one of the worst with dependencies
(03:09) - Dev's ideal world
(03:20) - .NET and Blazor
(03:59) - Blazor explained
(04:36) - WASM on the Front-end
(05:04) - Is Blazor unique to C# ?
(06:11) - What is a DevRel?
(08:07) - Lane's experience
(09:13) - You shouldn't roll your own Auth
(11:59) - Undifferentiated work
(13:56) - Authentication vs Authorization
(16:19) - Regarding Auth, which is a bigger pain point for companies
(16:48) - Pain points of Authorization
(18:38) - Pain Points of Authentication
(20:23) - Lane's perspective
(22:29) - Using a third party for authorization
(24:27) - Is Clerk used for both Authentication and Authorization?
(26:16) - JWT explained
(28:39) - Where is the users' data stored?
(29:27) - Features are developed as needed
(29:52) - Auth coupling to the rest of the system
(30:16) - Webhooks listeners to access user session data
(31:03) - Postgres foreign-data wrapper
(32:09) - Microservices sharing databases
(34:29) - CQRS
(37:37) - Average size of a company that uses Clerk
(40:50) - What are the most used ways to sign-in
(42:04) - Stances on passwords
(46:56) - OAuth
(50:33) - Why Lane dropped Sign-in with Twitter/X
(51:14) - What do popular services usually use?
(52:24) - Sign-in with Google
(57:39) - Unpopular opinion on Auth related web architecture
(01:00:17) - 2 ways of doing authentication
(01:05:59) - Where to find Dev
