We have two authentication endpoints setup (One node/express/mongo, the other django rest/psql) that will verify ownership of the public address it is coming from via web3.
Both starterkits have their own readme and are easy to setup. These satisfy the requirements of all the authentication endpoints found in our main API