|
|
|
|
|
|
by hassox
3392 days ago
|
|
|
Hi! When we first started we used a pretty vanilla version of Devise. The angular application just used session based auth. The easiest way to get the MVP happening was to have Rails generate the landing page of the SPA so we got sessions for 'free'. As we started to add more options for authenticating to the application to handle micro-services and our mobile application we took advantage of Warden/Devise and implemented a custom strategy for handling JWT authentication in addition to the regular session based strategy that comes out of the box. The JWT authentication is Guardian compatible since we use Guardian to drive Paladin. It was a relatively straight forward addition with Warden/Devise to provide authentication based on either strategy which allows us to take advantage of these different schemes with minimal updates to our core application. |
|
|
I use Devise most of my Rails apps, so in my ApplicationController I have `before_action :authenticate_user!`.
Did any of your frontend Angular apps send/request data to a Rails controller? If so, did you have to configure your Angular requests to send the session cookie so it would pass the Devise auth? This is the part that I don't quite understand yet.
In my next side-project I want to continue using Rails for the backend and scaffolding for most pages but I have a small React app that I want to include as well (keeping track of stats for a basketball game). But I'm not really sure what's the best way to go about authorizing whether or not the user has the permissions to upload data to a specific profile. I've only ever used Rails/Devise and all user input occurs through a form.
If you could point me in the direction of what I should be Googling for I'd appreciate it. Best of luck with Opendoor!