Frontend or backend authentication?

Hello,

I want to start working on an application for my personal portofolio, and I found out abut Auth0 being a good authentication system.
But I got a little bit confused about what should I use and how. Maybe someone can help me, I would be really grateful.

I want to create a web application that has React as frontend and Python with Django as backend. Most of the processing of the data will be done on the backend but I am confused about what type of authentication I should use. Should I do the authentication on frontend or on backend? Should I use SPA of Web Application Auth0?

I plan to add also a native mobile app that would connect to the backend. In this case, what should I use?

I apologize in advance if the topic was already discussed but I couldn’t find anything that will bring any light on what should I do. Thank you in advance!

If you plan to have a single API (backend) that will be used by completely independent applications (a web and a native application) the likely general recommendation would be:

  • model the React application as a SPA in Auth0.
  • model the native application as a native application in Auth0.
  • model the Python and Django API backed as an API in Auth0.

You would then implement authentication in the applications according to their corresponding quickstarts approaches (follow this one for React - https://auth0.com/docs/quickstart/spa/react/01-login). In addition to that, you would configure the applications to requests an access token for your API, the one you modelled as an API in the dashboard.

See (https://auth0.com/docs/quickstart/spa/react/02-calling-an-api) on how to request an access token to call an API in the React case, although this would be very similar in other platforms as well.