First off, you're awesome for wanting to contribute! 🎉
Hey there! The core authentication system is currently going through some deep architectural decisions. We're talking:
- Device trust models
- Session management complexity
- Security implications
- Confidence calculations
- Verification flows
Authentication requires a single, focused mind making interconnected decisions. Just today:
- I redesigned how device trust works
- Questioned how sessions should persist
- Rethought device verification
- Discovered new security implications
- Changed core approaches multiple times
I need to keep the core auth work isolated until these decisions are final. Otherwise:
PR: "Added verification levels!"
Me: "Actually we don't need those..."
PR: "Updated session management!"
Me: "Just realized sessions should work differently..."
Don't worry! Once the core auth is solid and decisions are final, there will be plenty of ways to contribute. For now, this helps avoid you working on code that might be completely different tomorrow.
Anything that's not touching the core auth. You can always check the Issues tab too.
This isn't just another auth project. We're building the Shadcn UI of authentication - fully customizable code that developers actually own and can build on. No more being locked into specific ways of doing things.
Here's how to report it:
- Check if someone already reported it in Issues
- If not, create a new one with:
- How to make the bug happen
- What should happen
- What actually happens
- Screenshots if you can
- Your browser (Chrome, Safari, etc)
- Fork the repo
- Create your feature branch:
git checkout -b feature/awesome-feature
- Make your changes
- Test everything works
- Push to your fork
- Open a Pull Request
Keep these in mind:
- Focus on one thing at a time
- Follow the existing style
- Update docs if needed
- Explain your changes clearly
I'm Maze, and I love helping devs:
- DM me on X/Twitter
- Open a GitHub issue
- Email me at support@mazewinther.com
Think of this as the authentication foundation that developers can actually build on. Just like how Shadcn UI revolutionized UI components by making them customizable, we're doing the same for auth.
We focus purely on authentication. That means:
- ✅ Email verification
- ✅ Device management
- ✅ Security alerts
- ✅ Basic user settings (email, password, name)
- ❌ In-app notifications (not auth-related)
- ❌ User profiles (usernames, bios, profile pages, etc)
This keeps the project focused while giving developers a solid foundation they can extend.
We also like simple solutions. That way, the project is easier to pick up on.
A few ground rules:
- Be kind and helpful
- Focus on solutions, not blame
- Welcome newcomers
- Share knowledge
Let's make authentication great again!