In general, authentication in an Ember application is not too different from authentication in most web applications. You use the session cookie to identify the user registered on the server and display the login user interface if the session is not yet authenticated.
In a traditional web application, this verification and potential redirection will occur in the page request. In the Ember application, you will do this at the request of the API, usually sent from your router, and in case of an API response indicating that the user is not registered, go to the login path, which shows the user the username / password form. If you use OAuth, this will be a similar pattern, but will instead allow the user to initiate an OAuth flow at this point.
Alternative approaches
Other templates include authentication verification the first time the index.html page of the Ember application is loaded, or redirected from the Ember application to the traditional login page when the API reports that the session is not logged in.
Notes
Regardless of your approach, it is important that each of your server APIs confirms that your user is authenticated and authorized. Also, make sure that you usually send all JS code templates and Handlebars to all users, regardless of permissions. This is usually not a problem, as there is no important information in JS or templates, but something needs to be kept in mind.
Update:
I became a fan of the new [torii][1] library to provide some simple authentication primitives, including third-party services.
Luke melia
source share