Published: April 01, 2022 • 2 min read
When building a demo, I believe you often can and should skip authentication.
Picture this: a junior engineer or team demoing an MVP. Smart and creative folks with lots to offer. Yet they spend half of their limited building and demoing time on auth. A sample script from the demo:
“So we click ‘login’ and now we’re on the login page, which we know because the URL says so. Then, we can either sign up, sign in, or reset our password. We’re going to sign in with a username and password I set up before the demo. I fill in the username ‘demo-user’, password ‘password’, and click ‘submit’, and now… wait for it… I’m on my homepage. See my username in the navbar? That only shows up when I’m logged in.”
Let’s concede that auth is important. Most software depends on it for roles, privacy, and a sense of belonging. In production software, you almost always are going to need it. It’s an early feature of most web applications.
If that’s true, why omit it from the demo? I believe that auth:
Auth should be feature-driven. The Lean Startup encourages us to rapidly iterate. You don’t have time to build most things because you’re prioritizing speed. If a feature demands it— security, privacy, showing account information— add auth. But if it doesn’t, don’t.
Auth is yak shaving. I’ve implemented it many times, rolling my own (not recommended), using libraries, and using SAAS tools. It’s just surveying the changing auth marketplace, choosing a tool, signing up for an account, and reading sales-oriented docs. It’s a schlep. It doesn’t boost morale. It’s like Tolkien included a chapter where Frodo is just sharpening weapons and collecting supplies.
Auth is boring. Unless your project is auth-as-a-service or very sensitive, nobody cares about auth. When I was first learning to program, implementing auth was satisfying. For everyone else, auth is a speedbump. It’s invisible unless it’s unusual or broken. The point of a demo is to show progress and generate excitement, and auth doesn’t do either of these well.
Auth torpedos creativity. If you have time to build two features, why have one be login? Save that time to show how you might make somebody’s life better or change the world.
Skip auth, hard-code “demo-user” into the navbar, have fun, build something useful.
What are your thoughts on this? Let me know!
Join 100+ engineers who subscribe for advice, commentary, and technical deep-dives into the world of software.