@mastrolinux FrontConf 2020 Userbase Privacy-first, Open Source, Serverless, JavaScript SDK to create secure web applications. 

@mastrolinux What do they have in common? 

@mastrolinux What do they have in common? 

@mastrolinux What do they have in common? 

@mastrolinux What do they have in common? 

@mastrolinux They have to manage users! Pretty standard no? Then let’s setup and oauth2 backend, or SAML, or OpenID or… Wait what?! You are (probably) a Frontend Engineer (I am not, but I know your pain) 

@mastrolinux Disclaimer My Frontend experience is ~ 0 I am a Cloud Architect and DevOps person I use Linux and Windows and I love Go and Python 

@mastrolinux Disclaimer But I feel at home here because of the CoC 

@mastrolinux What you (Dev) usually ask me First of all you ask me for an SSO, then a Database, and they have to be Simple to Use Secure GDPR Compliant No Backend Required Did I already say “Simple to Use”? 

@mastrolinux The problem 01 GDPR and CCPA are scaring small companies and developers. It is hard to be compliant. 02 Managing users, password resets, login/logout and storing user data has always been a repetitive task. 03 Storing data safely and creating a working scalable backend is still hard for many developers, Serverless and Jamstack are going to be more and more popular. 

@mastrolinux HISTORY MIT License, we do not fear competition Automatic AWS resource creation Super-small API Infinite scalability On Prem and SaaS Users’ data are a liability Existent software are way too complicated There are not many Open Source projects about this Most of them are about communications/chat (Signal API) Every solution is custom made 

@mastrolinux Then We Made It Obvious 

@mastrolinux SOLUTION Javascript SDK Few endpoints DBs are private for users Unlimited number of users Unlimited number of DBs Thanks to DynamoDB JS SDK Admin API 

@mastrolinux GETTING STARTED 

@mastrolinux SETUP AND LOGIN 

@mastrolinux SIGN-UP 

@mastrolinux SIGNUP ● When a user signs up, the user's client generates a random seed. ● This random seed has an associated public private key pair. ● The user's client also generates an encryption key derived from the user's password. This encryption key is used to encrypt the user's random seed. ● The user's client then sends the server the plaintext public key, as well as the user's encrypted random seed 

@mastrolinux SIGN-IN 

@mastrolinux USERS’ FORGOT PASSWORD? 

@mastrolinux DB OPERATIONS 

@mastrolinux DB OPERATIONS 

@mastrolinux 

@mastrolinux END TO END ENCRYPTED 

@mastrolinux LIVE DEMO WITH SYNC 182 LoC 

@mastrolinux RESOURCES ● Official Repo Userbase ● Complete Example Ugliest ToDo List ● Works with ○ Svelte ○ Gatsby ○ React ○ Typescript ○ Your own Framework/Tool 

@mastrolinux SUMMARY ● SSO with Admin Panel ● E2E Encryption ● Infinite Scalability ● Database real-time sync ● Open Source ● On Premise or SaaS 

@mastrolinux userbase.com twitter.com/mastrolinux medium.com/@mastrolinux THANK YOU! 

@mastrolinux Founder Daniel Vassallo 8 years at Amazon AWS (Cloudwatch Logs) Wrote the Book “The Good Parts of AWS” Wanted more motivation Started Userbase Years at AWS 8 Sharing online 100% Book 1 Twitter Star 90% 

@mastrolinux Dev Justin Berman Backend Developer ES6 Expert Working during the night Writing most of the backend code Node.js Experience 8 ES6 usage 100% Working at night 80% Backend code 75% 

@mastrolinux Dev Luca Cipriani 6 years at Arduino (CIO) Open Source lover Wants to experiment different technologies Helping Userbase with Testing Years at Arduino 6 Sharing online 100% Degrees 0 Manager 50%