I'm starting on a greenfield project and haven't done or architected the sign-up/sign-in and auth part of the backend in a very long time, so my knowledge of today's good practices is very limited. I've basically only done basic local sign-up/sign-in functionality.
The app is related to social networking, so thousands of users might be expected within a few years. Therefore I want to start off with as clean an architecture as possible, obviously, but also try to "look into the future" and anticipate costs.
Now, for the project I need to have sign-up/log-in options with:
- mobile phone number
- Apple account
- Facebook account
I'm looking into managed services like Auth0, AWS Cognito (particularly interested in this one), etc.
But I'm uncertain whether I understand how the process and user account management should be set up. Provided I use a relational DB, do I still need to create the user account models in my application and then:
- when a user signs up through email - my app handles all the auth, including sign-in and access/refresh token generation and handling.
- when a user signs up through any other 3rd-party means - I use the managed auth service and link the user record in the service to a user record in my DB. Then use the managed service for token generation and handling.
Or, do I delegate the whole user management (including the user account models & data) to the managed auth service? And thus, the only functionality related to auth and user account management in my application will be calls to the managed auth service...?
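The second option in the question, keeping a local user record and linking the managed service's identities to it, is the pattern that most often needs spelling out. As an added illustration that is not part of the original post, the following Python sketch keeps a `users` table for application data and an `identities` table keyed by `(provider, subject)`, where `subject` is the provider-issued `sub` claim from the ID token the managed service (Cognito, Auth0, Apple, Facebook) hands back. It assumes the token's signature has already been verified by the provider's JWT library and only checks the standard claims (`iss`, `aud`, `exp`, `sub`) before looking up or creating the local user; `EXPECTED_ISSUER` and `EXPECTED_AUDIENCE` are placeholder values, not real endpoints. The join key is deliberately the subject identifier, not the email address, because emails from social providers can be missing, unverified, or changed by the user.

```python
import sqlite3
import time

# Placeholder values for the managed identity provider (not real endpoints).
EXPECTED_ISSUER = "https://idp.example.invalid/"
EXPECTED_AUDIENCE = "my-app-client-id"

SCHEMA = """
CREATE TABLE users (
  id           INTEGER PRIMARY KEY,
  display_name TEXT NOT NULL,
  created_at   INTEGER NOT NULL
);
CREATE TABLE identities (
  provider TEXT NOT NULL,          -- e.g. 'apple', 'facebook', 'phone'
  subject  TEXT NOT NULL,          -- provider-issued stable id (the 'sub' claim)
  user_id  INTEGER NOT NULL REFERENCES users(id),
  PRIMARY KEY (provider, subject)  -- one identity maps to exactly one local user
);
"""


def open_db():
    """In-memory SQLite database with the two tables above (constructed for the example)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def validate_claims(claims, now=None):
    """Check standard claims of a token whose signature was ALREADY verified.

    Signature verification is assumed to be done by the provider's JWT library;
    this function only enforces issuer, audience, expiry and presence of 'sub'.
    """
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER:
        raise ValueError("unexpected issuer")
    aud = claims.get("aud")
    if isinstance(aud, str):
        aud = [aud]
    if EXPECTED_AUDIENCE not in (aud or []):
        raise ValueError("token not issued for this app")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if not claims.get("sub"):
        raise ValueError("token has no subject")
    return claims


def resolve_user(conn, provider, claims, display_name="user", now=None):
    """Return the local user id for (provider, sub); create user + link on first sign-in."""
    claims = validate_claims(claims, now)
    row = conn.execute(
        "SELECT user_id FROM identities WHERE provider = ? AND subject = ?",
        (provider, claims["sub"]),
    ).fetchone()
    if row:
        return row[0]
    created = int(time.time() if now is None else now)
    cur = conn.execute(
        "INSERT INTO users (display_name, created_at) VALUES (?, ?)",
        (display_name, created),
    )
    user_id = cur.lastrowid
    conn.execute(
        "INSERT INTO identities (provider, subject, user_id) VALUES (?, ?, ?)",
        (provider, claims["sub"], user_id),
    )
    conn.commit()
    return user_id


def attach_identity(conn, user_id, provider, claims, now=None):
    """Link an additional provider login to an existing, already signed-in local user.

    Refuses if that (provider, sub) already belongs to a different account, so a
    social login can never silently take over someone else's user record.
    """
    claims = validate_claims(claims, now)
    row = conn.execute(
        "SELECT user_id FROM identities WHERE provider = ? AND subject = ?",
        (provider, claims["sub"]),
    ).fetchone()
    if row and row[0] != user_id:
        raise ValueError("identity already linked to another user")
    if row is None:
        conn.execute(
            "INSERT INTO identities (provider, subject, user_id) VALUES (?, ?, ?)",
            (provider, claims["sub"], user_id),
        )
        conn.commit()
    return user_id


if __name__ == "__main__":
    # Constructed sample claims, as a verified ID token would yield them.
    db = open_db()
    t = 1_700_000_000
    apple = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "apple-001", "exp": t + 600}
    uid = resolve_user(db, "apple", apple, now=t)
    fb = {"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE, "sub": "fb-999", "exp": t + 600}
    attach_identity(db, uid, "facebook", fb, now=t)
    print("same local user via Facebook:", resolve_user(db, "facebook", fb, now=t) == uid)
```

With this split, the managed service owns credentials, MFA and token issuance, while the application owns only the mapping from provider subject to its own user id plus whatever profile data the social features need. The same `identities` table also absorbs a locally handled phone-number sign-up (provider `phone`, subject the E.164 number) without a special case in the rest of the code.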