Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If I want to put something together fast I use the default AWS Cognito and Firebase Auth widgets. I think Firebase Auth has more third party sign in options.

In my current project I do away with accounts completely and just email a link that sets a cookie for 30 or 90 days [1]. I think the Auth you choose highly depends on the money/privacy/sensitivity/fraud potential of your project.

[1] https://tedpiotrowski.svbtle.com/shade-map-pro



Absolutely recommend against using AWS Cognito. It is a nightmare to use.

Currently I am trying to integrate Firebase into AWS because of how bad Cognito is.

One thing going well that Cognito will never be is Firebase Auth.


What made it a nightmare to use? We're just about finished migrating to Cognito (using our own UI) and it's been the same experience as working with Auth0 but much cheaper. The only goofy part was in order to have a custom password reset email you need to put it in a lambda.


Attributes. There are standard attributes like email, phone_number, name, address. Then there are up to 50 custom attributes you can define which need a min/max length and can be of number or string type. You can't remove or change them after you define them. As you user metadata grows this can be insufficient and inflexible causing you to store user data set in another place like a DB. Now your user data is fragmented. Part of it is Cognito and part of it is in the DB. This leads to complexity and performance hits when querying data and consistency issues when updating data. I would avoid using Cognito attributes at all costs and use a DB table for user metadata instead.


Ok, good to know. We've always used our IdP as bare bones as possible and store all user info locally in the DB, so that's why this wouldn't be an issue for our particular setup.


I wish it was easier to use Firebase Auth without the half-maintained javascript mess that is firebase-ui, which has not worked with the current Firebase SDK for, over a year now? (or at least I still failed transitioning from SDK 8 to SDK 9 as of a couple of months ago).


I got it working a couple of weeks ago


You're right. Things I don't like about Cognito is it stores your users email address/phone number but limits additional metadata so you need a separate user DB table. Now you have to keep Cognito and your user DB table synced and if you want to display a users email along with mailing address, etc on a page you have to query both Cognito and your user DB.

The ease of two factor Auth is nice though.


+1 That's one product AWS completely dropped the ball. Also, it has not received relevant updates for a long time.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: