BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage News Uber Introduces a Universal Signup and Login Stack

Uber Introduces a Universal Signup and Login Stack

Bookmarks

Uber recently introduced Unified Signup and Login (USL), an effort to consolidate signup and login experiences across all Uber apps and services. USL lowers the engineering complexity and maintenance overhead associated with these flows and allows faster rollout of security policies and fixes. Over the last two years, Uber rolled out USL across Uber Rides, Uber Eats, and Uber Driver. Currently, more than 78% of Uber's traffic has adopted USL.

Initially, an independent signup and login experience for each of Uber's apps allowed Uber to innovate and move quicker. However, as Uber scaled and added additional lines of business, the experiences began to diverge, amplifying some inconsistencies. For example, these inconsistencies forced some users to create duplicate accounts:

In the past, [Uber] Rides allowed users to create their account with social identities, however the login experience for Uber Eats didn't allow users to log in using a social identity. Such incompatibilities between onboarding experiences lead to millions of users being blocked during login, or forced to create duplicate accounts, leading to a high volume of support tickets.


Different signup and login experiences at Uber before USL
Source:
https://eng.uber.com/usl-ubers-unified-signup-and-login-stack/

In addition, cross-cutting security policies and fixes and new growth features took much longer to implement. Since each team owned its signup and login experiences, 15+ product teams had to implement every such feature, significantly increasing engineering complexity and cost.

USL is a web-based signup and login experience embedded in mobile and web apps. Since USL is web-based, any security update or growth feature is instantly deployed to all users and doesn't require any mobile app upgrades, adding to developer velocity.


USL unified signup and login flows
Source:
https://eng.uber.com/usl-ubers-unified-signup-and-login-stack/

USL is implemented as a web-based single-page application built using FusionJS. When a user opens signup and login flows, a series of middlewares built on top of Koa.js process the HTTP request. After running through the plugins, FusionJS generates the HTML content and sends it to the browser. The JS and CSS are loaded from a CDN, and the React Application is hydrated in the browser.


Frontend architecture for USL
Source:
https://eng.uber.com/usl-ubers-unified-signup-and-login-stack/

Since performance in low bandwidth situations is crucial for USL, Uber engineers use JS bundle splitting to ensure that the browser only downloads a fraction of the entire JS code on the initial page load.

USL has complex product requirements that are also regionally optimized, resulting in 100+ different signup and login flows. The backend represents a user's login and signup journey as a graph. A node in the graph correlates to the screen the user sees and offers one or more challenges to the user. The challenge is validated based on the user's input. As a result, a state machine governing the graph gets executed and determines the user's next node (screen).


High-level architecture of the signup and login service
Source:
https://eng.uber.com/usl-ubers-unified-signup-and-login-stack/

Uber's engineers built a custom tool that generates monitoring alerts. It internally uses Uber's anomaly detection tool to determine the thresholds based on historical data automatically. According to the engineers, "we have integration tests for all of the flows and blackbox tests for the critical flows, which give us the confidence to deploy backend/web code multiple times a day."

About the Author

Rate this Article

Adoption
Style

BT