I wonder where's the post mortem that goes like: "Our auth solution isn't scalable enough, so here's how we implemented a better one."