It just concerns best practises here. I’m currently using FastApi from the Python Framework to create an API. I’m deploying this using API Gateway, AWS Lambda, and DynamoDB for storage. I want to add authentication and authorization now that I’ve implemented some CRUD-Operations. The concept is that users can obtain a bearer token by logging in with their username (or email) and password.
Since I don’t use Cognito much, I considered integrating Auth functionality into the FastApi code. (create registration and login endpoints i.e. with fastapi-users library). Does that meet best practises standards? Or are there compelling reasons to employ API-Gateway Authorizers and Cognito for such purposes?