Single page application authentication and authorization

How would I do authentication and authorization in a single page
application running with Rails as the backend?

Any recommendations?

This doesn’t quite answer your question, sorry, but this is how I handle
it…

For security reasons, I don’t start my single page app unless the user
is
already logged in. That is, my splash screen is just a regular page,
using
Devise, and it does the standard POST when the user clicks the log in
button. It is only when they are logged in do I download anything and
fire
up the ajax.

That just feels safer from anyone viewing the page source: you need to
be
trusted to see any interesting page source at all.

On Thu, Mar 21, 2013 at 9:41 AM, Johan V.

For one-page or bigger solution - I would read Chapter 8 from the
http://railstutorial.org book. It describes a do-it-yourself (and hence,
fully customizable) solution based on SessionsHelper. The solution
provides
authentication which is persistent ower browser window close (by help of
cookies, of course).

I am just going through that book myself, so I am just a newbie. Based
on
your question, I would guess that so are you. :slight_smile:

  • Jussi

Yes, I am a newbie. :slight_smile:

I’m also reading that book but I’ve yet got to that chapter.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs