Handling user authentication when using ember.js

Question

I was looking up documentation and posts on ember.js, and using ember.js with Rails.

I like the idea of Rails providing the API, and ember.js handling the UI, but I was

Answer 1

Check ember-auth it handles token authentication for ember.js and there is also a demo and tutorial for rails / devise / ember. ember-auth is the best approach I've seen so far to authenticate an ember.js / rails app.

So far I have implemented a basic Ember application based on Ember-auth with Devise token authentication and example Oauth for Google and LinkedIn that can be found here and is live here: https://starter-app.herokuapp.com

Answer 2

I am working on a project with ember.js authentication on ROR platform. Check the below project link on github.

https://github.com/karthikkck/rails-emberjs.git

Answer 3

Update 2

Check out this new github example app that uses a hybrid rails view + devise-variable-scoped ember app that runs on ember 1.0.rc.1 + ember-data rev 11 and persists has_many relationships.

Check out this token authentication project that isn't quite ready but shows a lot of promise. This could be great for mobile client apis that authenticate users client-side, as opposed to simple web-based rails view devise auth.

Both provide for interesting and debatable use cases. I look forward to seeing where this goes in the future.

Update 1

I added super basic user auth using Devise to Dgeb's ember-data example app here: https://github.com/dgeb/ember_data_example/pull/17 . I used Rails controllers for auth creation and scoping, adding current_user user_id's to the creation of new Contact records, while feeding scoped AMS data to the ember app through current_user.id.

---

I've had this very same question for a while and the only open-source ember example app I've been able to find that has user authentication and uses rails is https://github.com/carvil/dash-it. He uses a Rails-Devise login view that passes along current_user info to an ember.js app once the user is logged in.

I know many other people use Devise token_authenticatable to completely remove Rails views and authenticate users in Ember apps strictly through tokens. This is probably the best way to go, but I haven't tried implementing it in an app myself yet, and I haven't found any open source apps that go this route.

Tom Dale, one of the lead developers of Ember, says that they don't have a "favored nation" status yet for any specific user auth solution, so until they either officially support a specific solution or build one into the framework, I'm assuming Devise tokens are the best way to go.

Hopefully someone that has more Ember/user auth experience than me can chime in and demonstrate a better solution than https://github.com/carvil/dash-it, using Ember's state machine and routing in combination with token-based user auth.

Answer 4

One option (not always ideal in all situations) is to initialize the Ember app in a view that requires an active session in Devise to render.

I often do this by keeping the ember app's js/css manifest out of the load path except in a view that sits under an authenticated controller in the Rails app.

You can also protect any data from loading in the Ember app by putting Devise authentication checks on the Rails controllers that populate your data.