Tutorials-guides-examples on Auth with Ember.js and REST backend

Hi All

I am creating a small web app that is going to connect some web settings to hardware (think of rest API controlled by users on the web and embedded device reading whatever user has set on the web). Final settings are to be public, but only properly authenticated users should be able to perform changes on the web.

As you see the point of the project is not the client spp, but hw interaction and to some extent rest server (done in node.js). So I figured I try a single page app this time and ember.js seems to be just what I want: Simple and very opinionated: I don’t have to make difficult choices.

Yet… For three last there days I am bouncing my head against figuring how to perform user registration and authentication and somehow I fail to find a good example. Stormpath guys provide some examples, embercasts show something quite generic, yet I fail to find a complete example?

What do you guys use? As the point of the project is the hw interaction prototyping i am ready for tradeoffs: It can be email-password, it can be e.g. Twitter-based or google-based auth only. It can even use some cheap third party SaaS solution such as Stormpath.

Please, suggest.

Best regards, Artem.

Not so sure if this is the best way to do it, but here’s how I chose to implement it:

https://github.com/kgish/ember-hal-client#authentication-and-how-it-works

I have been a Ruby(and most Rails) dev for quite a few years. So I was already familiar with creating a Rails based API and using Devise. I was able to wire up the ember-simple-auth-devise CLI addon without much issue.

Basic flow is Ember App checks to see if it’s authenticated(on some route that needs it) by having some sort of token → (lets assume it doesn’t have one) Ember asks to submit a login → Backend checks to see if login is valid → (assume it is) sends back token, via JSON to ember → ember then attaches token as header to every request that needs auth in a header → backend API checks for header token on every request and proceeds if it is a correct token to return the JSON needed for the particular model.