Requesting guidance on ember-simple-auth and making the application route authenticated

Howdy! :wave:

I’m looking for a couple of things: 1) if there is a better place to ask this question, its location, and 2) guidance, recommendations on using ember-simple-auth to make application route require authentication.

For various reasons I’m trying to move an existing application into an Ember implementation. The app requires authentication, expect for the login and password reset pages, for any of its pages. From the ESA Readme, there’s a recommendation to nested routes that require authentication under a common parent route. It seems like I shouldn’t do that with the application route, but I"m not sure how to meet the current authentication requirements.

Related but a secondary question: Route names; I know there’s an application ‘index’ route. When I create additional nested routes and I want to define their ‘index’ route, should I use a different name in the declaration:

this.route("provider", function() {
  this.route("index", { path: "/" }); // should this be, instead, "provider-index"?
});

Background: Ember 2.18.2

Thanks for any and all assistance.

Related but a secondary question: Route names

The example you gave is exactly how it should look. When you nest a route it’s automatically “namespaced” under it’s parent so the full route name would be “provider.index” which would disambiguate it from the application index (which would just be “index”).

As for ESA… nested routes can be helpful in that the parent route is the only one that would need to be flagged as “authenticated” but I don’t think nesting is necessary if it doesn’t fit your use case. All you need to make a route authenticated is the AuthenticatedRouteMixin. If you use this in any route that you want to be “protected” by authentication then ESA figures out the rest. You definitely wouldn’t want to make the application route an “authenticated” route if you have any non-authenticated routes (which you do).

So in summary don’t make the application route authenticated, don’t worry about using nesting unless it would be beneficial, and all you need to do to all your “protected” routes is mix the authenticatedroutemixin into them. Also consider putting the UnauthenticatedRouteMixin on your password reset and login routes.

And of course feel free to ask any other questions here or in Discord!

1 Like

So in summary don’t make the application route authenticated, don’t worry about using nesting unless it would be beneficial, and all you need to do to all your “protected” routes is mix the authenticatedroutemixin into them. Also consider putting the UnauthenticatedRouteMixin on your password reset and login routes.

Thank you for the quick reply @dknutsen

I feel like I can accomplish my goals now. :slight_smile:

As for Discord, I’ve joined but it’s still a bit overwhelming. I didn’t see a channel specific to ESA. I’m assuming I just ask in the #help channel?

Ha yeah overwhelming is a good word for it, i thought there was a channel for ESA but I guess not. There is a #topic-auth channel though, that might be a good place to ask though I wouldn’t say #help would be bad.

1 Like