[Abundnce10]

Thanks for the quick and detailed response!

I use Devise most of my Rails apps, so in my ApplicationController I have `before_action :authenticate_user!`.

Did any of your frontend Angular apps send/request data to a Rails controller? If so, did you have to configure your Angular requests to send the session cookie so it would pass the Devise auth? This is the part that I don't quite understand yet.

In my next side-project I want to continue using Rails for the backend and scaffolding for most pages but I have a small React app that I want to include as well (keeping track of stats for a basketball game). But I'm not really sure what's the best way to go about authorizing whether or not the user has the permissions to upload data to a specific profile. I've only ever used Rails/Devise and all user input occurs through a form.

If you could point me in the direction of what I should be Googling for I'd appreciate it. Best of luck with Opendoor!

[hassox]

If you're generating the page from your rails server then the cookie that is set for sessions would be already available and you can make calls without worrying too much about authentication. If you want to use tokens or OAuth strategies there's a bit more to it but you should be able to find lots of information on it with a bit of googling. Here's an article that seems to cover the basics. https://technpol.wordpress.com/2013/09/23/angularjs-and-devi...

I'd usually google for a collection of the tools I'm looking at. To find that article I searched for "spa authentication with rails and devise"

Good luck with your side project :D