I have been recently going through emberjs 3.x.I have done a basic CRUD application which stores contacts and updates them.
I wanted to create users and store separate contacts for each of them.
But If I search about it in google I end up only in examples using only addons.
Is there any way to do login/signup without addons in ember?
You can certainly roll your own authentication solution but I think there are several reasons the vast majority of people use addons (ember-simple-auth being the most popular):
- It’s non-trivial, there are edge cases and a number of things to consider even in a very simple OAuth implementation.
- You’d be reinventing the wheel in the vast majority of cases. Unless you have a purely custom backend authentication mechanism you’re probably going to be using pretty standard conventions. Why spend time reinventing something which has a time-tested and community supported solution already?
- You can contribute to the community. Instead of trying to roll your own solution you could always try to contribute to ESA or Torii
So… I personally would strongly recommend just using an addon, probably ESA. Depending on what your backend authentication service looks like it will be a lot easier. ESA for example provides a session management service, an auth store (e.g. cookie/localstorage/etc), an easy and flexible mixin for defining “secure” routes, and plugins/authenticators for a variety of different authentication methods/types like password grant, implicit grant, 3rd party systems like facebook/google/twitter, etc. If you want to roll your own you’re going to have to come up with a lot of that by yourself and unless you’d really like to do this as an exercise for yourself that seems like a lot more effort than it’s worth.
Of course if you have any more questions about specific authentication concerns or methods or addons or whatever definitely don’t hesitate to ask.
I totally agree, the only one case in which I went for my own login is in one app where the user can access a set of commands (aka pushbuttons) that if pressed for mistake can create trouble. For several reasons that are out of the scope of this topic, I did not want to rely only on a confirmation popup, so I hidden the pushbuttons and built a sort of client-side-only login that makes those pushbuttons visible. The status is saved in a service and is retained until logout or complete browser page refresh.
If I am using ESA should I write my own authenticator in the case where I have my own backend java server?
Does your java backend use any standard authentication method or libraries? Like is it an OAuth implementation or totally hand-rolled?
ESA provides a pretty good set of basic authenticators, OAuth2PasswordGrant probably being one of the most common. If you’re using a custom auth backend or something which isn’t covered in the scope of the included authenticators though then yeah you’ll need to write your own.