Hacker News

Sure, because “do passwordless emails” is just a snap of the finger away, right?

The point is that doing auth properly is hard. Sending an email might be easy, but creating and managing the session in a secure fashion is hard, even if you’re “just doing passwordless email auth”.



> Sure, because “do passwordless emails” is just a snap of the finger away, right?

uh, yes?

https://magic.link/

> The point is that doing auth properly is hard...

it works just like password reset no?

there's not much state with passwordless email auth as opposed to passwords.


This whole comment thread is about not outsourcing your user management stack to a third party and your intended suggestion is... a different third party?

I don't think I understand exactly what your argument is.


You said:

> Sure, because “do passwordless emails” is just a snap of the finger away, right?

And I showed it literally is.

The choice is yours to reimplement this authentication system, but in terms of "a snap of the finger away", you can do that. That is all.

I've done these types of systems before at scale and it took minutes to do (works just like a password reset mechanism) and it is very trivial.

In your original comment above, I think you are projecting this a bit too much.


Top comment: why would you trust a 3rd party with accounts?

Next Comment: Because they are better at security

Your comment: Or you can do passwordless yourself and have no security problems

Next comment: You can't just do passwordless with a snap of the finger

Your comment: Yeah just use a 3rd party

You're incorrect about the thread


Ok it’s not just me then. I felt like I was taking crazy pills when reading the replies, and the ones to the sibling comment thread where they pivoted to talking about personal security with magic links when this entire conversation has been about companies implementing user management solutions.


This is a very reductionist assessment of the thread and glosses over one important detail I said here:

> The choice is yours to reimplement this authentication system, but in terms of "a snap of the finger away", you can do that. That is all.

It doesn't matter if it's a 3rd party, it is still an option that exists "a snap of the finger away", which was my response to that comment, this type of system can be done in an hour, 3rd party or library.

But if you want to speed things up, then there's your solution.

That was the point, but go ahead and try and reduce and spin this to your own interpretation.



