I’m using Drupal to build a site that will provide an end user the ability to search my database for information but before they do this we will require them to login. After login they can either pay for a membership (yearly) or stay with the free option. Either choice will then limit the amount of results they see when running the search.
My question: Is it better for me to use the internal login system that is built into Drupal (/user) or setup a new login system?
I know that using the /user can leave my backdoor to website vulnerable but without my login credentials which are not public and 2 factor auth that shouldn’t be an issue. Also I feel that with using /user (or what ever i change it to using redirect module) it would then run smoother with other modules that are incorporated into Drupal.
The information on the DB is public info the only thing that needs to be secure would be login credentials and the payment which will be through a third-party commerce.
Any help is appreciated!