015 - Stop Reinventing The Wheel: The Build vs Buy Debate
As a developer, whenever I hear about a problem or project, my first instincts are what can I build to fix this, quickly followed by what technical stack can I use or what technical challenges will I run into. This is really great when it comes to tackling technical problems, however this also often takes developers down the path of reinventing a wheel that they don't necessarily need to. One particular example that came to mind is authentication.
I'll be focusing specifically on user authentication. Any skilled developer will tell you that building a good authentication system is really hard. A naive developer will think it's easy to build, where all you need to do is setup a form to collect the data in a database, then do a check every time they log in. This, however is where the spiral starts.
- What
usernameare users using? Is it email, a username or a phone number? - You'll need to figure out what security options to use to secure the account.
- How will you identify if someone is logged in if they revisit your site again in a week or a year?
- What does the logout flow look like?
- What happens if the user forgets their password?
- How would you go about adding more security like passwordless login or 2FA?
This is only the tip of the iceburg in terms of building out a functioning authentication system. I could dive into another spiral of internationalization related issues with authentication systems, for example trying to gain access to a service that uses OTP (one time passcodes) sent to a number I don't currently have access to.
Instead of going down that spiral, it may be worth using tools like Auth0 or Netlify Identity.
Both of these services have fairly generous free tiers that let you experiment with them without needing to pay until you have more users on board. The service effectively manages the logon flow for your users, all you have to do is monitor and manage if the user is logged in, and update their status. You can usually get the integration setup fairly quickly as well - I'm talking a couple of hours - compared to spending days or weeks building out an entire authentication system yourself.
Sounds pretty amazing, right?
There are two big drawbacks that come to mind with these services. The first is that they often lack customization options, which means you have limited control over what the user login flow might look like. The second is that once you choose a platform, you're almost tied into that platform. Swapping to a different platform may require your users to do some work which is not a great experience.
As with any good debate, there are obvious pro's and cons. The core things to consider are: - what's offered in the free tier (where you're still experimenting and don't want to spend money) - how much will it cost per user in the future? - how much time does buying save you compared to building? - what customziation options are available? - how easy is it to migrate off this onto a different option (or homegrown option) in the future?
What decisions would you make? Would you try to reinvent the wheel and build out an authentication system, or would you use an existing solution available today and potentially migrate in the future?
New Blog Posts
Adding HTML into Automated Emails with Google Sheets - Bootstrapping and using Google Sheets and Google App Scripts to automate your emails? This guide dives into how to make your automated emails look nicer by adding HTML tags in them, allowing you to include images and add some styling.
Little Plugs
I like the idea of plugging interesting articles that I see around the internet.
- Hype Docs - the best way to combat imposter syndrome
- Five Ways to Build $100 million Business
- Invest Fem - The first global database of female-founded businesses, and investors 100% committed to funding female entrepreneurs
- Getting Your First 100 Users