You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are many authentication libraries in the Node/JS ecosystem—Passport.js, Auth.js, Lucia, remix-auth, and more. There are also many auth service providers like Auth0, Clerk, and Supabase.
However, most existing libraries are highly web-centric. They often assume you’re building a web app with Express, Next.js, or similar, and tightly couple authentication to HTTP routes, sessions, or middleware. This makes them less suitable for multi-platform projects, or for cases where you want to decouple the authentication logic from the transport layer.
Motivation
What if you’re building:
A web app (React Router, Next.js, Nuxt, etc.)
A mobile app (React Native, Swift, Kotlin, etc.)
A desktop app (Electron, Tauri, etc.)
Or a combination of all of the above?
For native apps, you want the end-user experience to use the platform’s native auth APIs (Apple, Google, Facebook, etc.), and have your backend validate with the service provider. You don’t want your backend auth solution to be tightly coupled to HTTP routes or web-specific flows.
Goal:
Design an Auth module/plugin for NexusDI that is:
Transport-agnostic: Works for HTTP, RPC, GraphQL, native apps, etc.
Strategy-based: Easy to add new providers (OAuth2, OpenID, SAML, custom, etc.)
Composable: Can be used in any DI context, not just web servers.
Flexible: Lets you handle the user experience and transport, and just provides the validation/verification logic.
Decoupled from HTTP/web—usable in any backend context
Extensible for custom providers and flows
Optionally, helpers for common web patterns (but not required)
API Sketch
// Register the Auth plugin with strategiescontainer.use(AuthPlugin,{strategies: [OAuth2Strategy({provider: 'google', ... }),OAuth2Strategy({provider: 'apple', ... }),CustomTokenStrategy({ ... }),]});// Use in a service/controllerclassMyService{constructor(privateauth: AuthService){}asyncauthenticate(token: string){returnthis.auth.verify(token);}}
Open Questions
Which strategies/providers should be supported out of the box?
How should provider discovery/configuration work?
How should this integrate with other modules (e.g., RBAC, HTTP, GraphQL)?
Should we provide optional helpers for web frameworks, or keep those as separate plugins?
Call for Feedback
What use cases do you have for authentication in NexusDI?
What features would you like to see?
Any concerns or suggestions about keeping the module transport-agnostic?
Are there existing libraries or patterns you think we should learn from or integrate with?
Should we even do our own, or just make a module for an existing library on the market?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Overview
There are many authentication libraries in the Node/JS ecosystem—Passport.js, Auth.js, Lucia, remix-auth, and more. There are also many auth service providers like Auth0, Clerk, and Supabase.
However, most existing libraries are highly web-centric. They often assume you’re building a web app with Express, Next.js, or similar, and tightly couple authentication to HTTP routes, sessions, or middleware. This makes them less suitable for multi-platform projects, or for cases where you want to decouple the authentication logic from the transport layer.
Motivation
What if you’re building:
For native apps, you want the end-user experience to use the platform’s native auth APIs (Apple, Google, Facebook, etc.), and have your backend validate with the service provider. You don’t want your backend auth solution to be tightly coupled to HTTP routes or web-specific flows.
Goal:
Design an Auth module/plugin for NexusDI that is:
Proposed Features
API Sketch
Open Questions
Call for Feedback
Beta Was this translation helpful? Give feedback.
All reactions