Over this series in user stories, we’ve gone through how to identify users, how to …
ember-auth is an authentication library for Ember.js that allows you to keep track of logged-in users. If you have a Rails 3 api backend powering your Ember front-end, you can use ember-auth with authlogic to authorize each request quite easily. If you would rather use devise with your Rails app, there is already a demo app for that.
Include the Necessary Gems
Setting Up Authlogic
You can follow this tutorial for getting Authlogic set up in a Rails 3 app.
Adding to an Existing Authlogic App
The only extra authlogic database column that your user model needs is the
single_access_token field. If you don’t have it already, you can add it with the following migration:
Add ember-auth to your Ember App
Make sure to include ember-auth in your application.js manifest.
Add API Authentication
I have my auth code in the api/user_sessions controller.
You’ll notice that I’m inheriting from
API::BaseController instead of
ApplicationController. I do this because the
require_user auth method needs to be unique to the way ember-auth works. Here’s my
Set Authlogic to use Single Access Authentication
This will tell Authlogic that each request will contain a token, which it will use to authenticate the user. When using single access authentication, Authlogic does not keep track of the user session.
Now, you can protect any of your api controller actions by inheriting from API::BaseController and adding a before filter.
That’s it for the Rails side! Any further implementation will take place in Ember, and you can follow the excellent ember-auth documentation for that.