What is the best authentication method for sails.js?

Question

I am looking for the best approach for implementing authentication in sails.js v0.10 rc8.

Is there a formal way defined by sails.js to implement this ?

I've found module like sails-generate-auth but its documentation is not so clear.

Answer 1

Is there a formal way defined by sails.js to implement this ?

No, nor are there any plans for one. This is an implementation detail about which Sails is agnostic--when it comes to authentication, you have however many choices the Node community comes up with. Which one is "best" is a matter of opinion, and off-topic for StackOverflow. I will say that many Sails users--like many Express users--choose Passport for their authentication needs. In a Sails v0.9 app, you can do so by adding a config file (e.g. config/express.js or config/passport.js) with the following:

module.exports = {
 express: {
        customMiddleware: function(app){
            app.use(passport.initialize());
            app.use(passport.session());
        }
    }
};

that will work in Sails v0.10 as well, although sails.config.express is deprecated; better to use:

module.exports = {
 http: {
        customMiddleware: function(app){
            app.use(passport.initialize());
            app.use(passport.session());
        }
    }
};

Then you can basically follow the Passport guide, but use Sails actions in place of raw Express route bindings. For example, instead of app.post('/login'), you'd define a Sails controller (e.g. "AuthController") with an action called "login", and route the /login path to that action in your config/routes.js file.