I went back and forth deciding if I should use a service like Auth0 / Clerk / Stack Auth for my Flask-based app. Ultimately I decided on doing it myself, storing users and organizations in the SQLite db and using a Flask package like Flask-Login. I didn’t want to have to migrate to an ORM (SQLAlchemy) and needed a few basic constraints:

- Users can optionally be assigned to an organization, but this is not required.

- Email address is globally unique.

- A user can only be associated with a single organization.

- 2FA support.

- Single-Sign-On support with Google, Facebook, and GitHub.

I have a feeling not using a framework or auth service is going to bite me in the butt down the line, but it just felt easier to roll my own implementation to start.
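As an added example (not code from the original post), here is one way the constraints listed above can be enforced by SQLite itself with the standard-library `sqlite3` module and no ORM. All table names, column names and sample rows are assumptions made up for illustration.

```python
import sqlite3

# Hypothetical schema: every table and column name here is an assumption.
SCHEMA = """
CREATE TABLE organizations (id INTEGER PRIMARY KEY, name TEXT NOT NULL);
CREATE TABLE users (
    id            INTEGER PRIMARY KEY,
    -- NOCASE makes the UNIQUE index treat A@x.com and a@x.com as one address.
    email         TEXT NOT NULL UNIQUE COLLATE NOCASE,
    password_hash TEXT,   -- NULL for SSO-only accounts
    totp_secret   TEXT,   -- NULL until 2FA is enrolled
    -- One nullable column: at most one organization, or none at all.
    org_id        INTEGER REFERENCES organizations(id) ON DELETE SET NULL
);
-- One row per linked SSO identity; a provider account maps to one user.
CREATE TABLE sso_identities (
    user_id  INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
    provider TEXT NOT NULL CHECK (provider IN ('google', 'facebook', 'github')),
    subject  TEXT NOT NULL,   -- the provider's stable user id
    PRIMARY KEY (provider, subject)
);
"""

def connect(path=":memory:"):
    conn = sqlite3.connect(path)
    # SQLite ignores REFERENCES clauses unless this is set on every connection.
    conn.execute("PRAGMA foreign_keys = ON")
    return conn

def try_insert(conn, sql, params):
    """Return True if the row was accepted, False if a constraint rejected it."""
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute(sql, params)
        return True
    except sqlite3.IntegrityError:
        return False

def demo():
    conn = connect()
    conn.executescript(SCHEMA)
    # Constructed sample rows.
    try_insert(conn, "INSERT INTO organizations (id, name) VALUES (?, ?)", (1, "Acme"))
    add_user = "INSERT INTO users (email, org_id) VALUES (?, ?)"
    return {
        "no_org": try_insert(conn, add_user, ("a@example.com", None)),
        "with_org": try_insert(conn, add_user, ("b@example.com", 1)),
        "dup_email_case": try_insert(conn, add_user, ("A@Example.com", 1)),
        "unknown_org": try_insert(conn, add_user, ("c@example.com", 99)),
    }
```

`COLLATE NOCASE` only folds ASCII letters, so addresses with non-ASCII characters still need normalizing in application code before insert.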