Your brand has multiple products on the web. They all need authentication. But obviously, you’d maintain a common authentication and user database.
Also, in this age, you cannot make a login system without Login with [Facebook|Google|Twitter|...]
For the second thing, you need to consume Oauth2.0 (the industry standard now), for the first thing, you need to make your own Oauth server.
And you want all of this to happen securely (so yeah, little to no frontend JS)