Why do you surely need to use the default Auth of any framework?


2 min read


  • Fully tested and trusted by thousands of companies

  • Avoid reinventing the wheel

  • Save times

Authentication & Authorization

Basic terms, aren't they?

  • Authentication: give users access to our system.

  • Authorization: check if users can be able to use/access any part of the system.


From the outside world, in any framework from any language, the default built-in will always include:

  • Authentication module

  • Authorization module

For example: Laravel (PHP) has it, Spring (Java) has it,...

Why you should use them (or build your logic on top of it)?

We have plenty of reasons to use the built-in modules of the framework. Let's list out the simple ones:

  • Save time

  • Avoid reinventing the wheel

  • Fully documented


I've seen multiple projects that implement their own ways of doing authentication & authorization. And it is a big pain in the ass for maintaining (no documentation), newcomers have to learn things in the hard way.

Imagine you want to use a super cool and trendy framework which covers you up with hundreds of cool things, and yet you still create your own way. You don't utilize the best of the framework.

If you're working on a startup and follow that, congrats, not only it takes more time but also you make big tech debt at a later stage.

Let's continue with other items:

  • Fully unit tested

  • Battle-tested

  • Trusted by thousands of companies in the world

  • Bug-free (quick fix from communities as well)

Unit testing is a thing, yes. But I suppose 90% of projects out there are not covered by tests. Which are unsafe than using the built-in modules. Not to mention the "battle-tested".

By combining the full list, you can see why you need to use the built-in Authentication & Authorization. PROs are a lot.

You don't change the way how the framework work. You build cool things on top of the framework, and let the framework empower your projects.