Using ember-auth with Rails 3 and Authlogic

on June 4, 2013

ember-auth is an authentication library for Ember.js that allows you to keep track of logged-in users. If you have a Rails 3 api backend powering your Ember front-end, you can use ember-auth with authlogic to authorize each request quite easily. If you would rather use devise with your Rails app, there is already a demo app for that.

Include the Necessary Gems

Setting Up Authlogic

You can follow this tutorial for getting Authlogic set up in a Rails 3 app.

Adding to an Existing Authlogic App

The only extra authlogic database column that your user model needs is the single_access_token field. If you don’t have it already, you can add it with the following migration:

Add ember-auth to your Ember App

Make sure to include ember-auth in your application.js manifest.

Create an file (or auth.js if you’re not using CoffeeScript) where you’ll define the ember-auth settings. Notice the auth file has already been included in the above javascript manifest.

Add API Authentication

I have my auth code in the api/user_sessions controller.

You’ll notice that I’m inheriting from API::BaseController instead of ApplicationController. I do this because the require_user auth method needs to be unique to the way ember-auth works. Here’s my API::BaseController

Set Authlogic to use Single Access Authentication

This will tell Authlogic that each request will contain a token, which it will use to authenticate the user. When using single access authentication, Authlogic does not keep track of the user session.

Now, you can protect any of your api controller actions by inheriting from API::BaseController and adding a before filter.

That’s it for the Rails side! Any further implementation will take place in Ember, and you can follow the excellent ember-auth documentation for that.