Ember-simple-auth and the server side of things


#1

It looks like there are three options for the sever side of ember-simple-auth

  • simple-auth-oauth2 provides an OAuth 2.0 authenticator
  • simple-auth-devise provides an authenticator compatible with the popular Ruby on Rails authentication plugin devise
  • simple-auth-torii provides an authenticator that wraps the torii library

My server is NodeJS so item 2 is out.

What the is difference or pros/cons of items 1 and 3?

Thanks!


#2

I believe, but am not certain, that the devise-compatible extension simply uses bearer tokens, which wouldn’t actually be devise-specific but will work with any standard token auth system. I could be wrong.


#3

The OAuth 2.0 Extension library implements the Resource Owner Password Credentials Grant of OAuth 2.0, the devise one works with the Rails plugin so that’s not an option when you’re using node and torii is for connecting external providers like Facebbom etc. the easiest solution is to just use OAuth 2.0 and use a middleware that implements that in the server side.


#4

I recently implemented ember simple auth and I went for ember-simple-auth-token, therefore JSON Web Tokens. I actually tried to implement Oauth 2.0 at first, but it was quite cumbersome and JWT is just what I need. I think it should be more promoted at simple ember auth docs, I stumbled apon JWTs plugin totally randomly on github. For Sails framework, there is quite nice library to implement JWT on server side - http://waterlock.ninja/.