Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Authentication with AngularJs and Devise Rails, Do I need token system?

I am creating an application based on Rails and AngularJS. I would like to implement an authentication system by using gem Devise. I am wondering how to do it. I read some articles about attribute :token_authenticatable : I will have to put my token at the end of all requests I will send.

I have also read this demo project https://github.com/sectore/CafeTownsend-Angular-Rails They have implemented a SessionService which can create and delete server session. (I suppose, I can use Devise for this job). In rails controler, they get session[:user_id] to know if user is authenticated or not...

My question : Do I need a token system or a cookies system to authenticated my requests ?

Thanks

like image 400
vpoulain Avatar asked May 15 '13 14:05

vpoulain


1 Answers

If your server will be on the same domain as your client, ie: will only be expecting request from your angular client, and the client is hosted on the same URL as the server, then you should use cookies over ssl (for simplicity), EG:

Your site:

www.myangularsite.com/somepage

Your Server

www.myangularsite.com/someserverfunction

They both have the same domain.

However, if you plan on having your server side on a different URL, maybe as an API, then go with tokens, EG:

Your site:

www.myangularsite.com/somepage

Your Server

api.myangularsite.com/someserverfunction
or
myrubyapi.com/someserverfunction

The URL domain is different.

like image 62
ton.yeung Avatar answered Nov 02 '22 06:11

ton.yeung