I wonder if it'd get anywhere. There's not enough CPU/memory allocated in a lot of these platforms to make it work e.g. Deno deploy and Cloudflare workers (bundled) has 50ms of CPU time.
Then that means those platforms are insecure and should not be used, or authentication moved to another layer that does not suffer from those limitations. My rule of thumb is that if authentication does not consistently require at least 1 second, passwords are probably stored insecurely. Fortunately password managers with unique generated passwords limit the blast radius.
Cloudflare Workers "Bundled" is a legacy mode that is not the default these days. Unbound mode (the default for paid subscriptions) offers 30s CPU time.
