fastapi-login is easy to understand, mostly a single file, flow is relatively simple
database models and user lookups are our own code
easy to extend with other endpoints or features
Drawbacks:
Couldn't get the user_loader hook to register as an async dependency to get the user (was missing the session). Had to write my own db helper (require_login).
Cookies are JWT's, which means there's no way to invalidate them when a user logs out
(minor) Some of typing is a bit off in the library, and the helper to set the cookie was missing a few params (though we were able to add our own helper easily)
Benefits:
Drawbacks:
require_login).