Agree. There are a number of components like login, password reset, forgot my password that it would be much better if we could get a superbly designed and written black box for this. Unfortunately in node/npm — there are often bloated, poorly written modules that claim to be this, but are not. How to tell the wheat from the chaff?
Other such modules include:
- centralized logging
- node express configuration for a secure app with exception capture and all HTTP security headers defined
- and many others.