How would I implement a solution like described below? Would it be easier to jack in something like ember-simple-auth? All examples I find implement their own login form, that's not something I'll have. My login will live on its own domain.
Scenario:
- user visits https://myapp.com.
- In some initializer I see that they don't have an/don't have a valid access token so I redirect them to http://ift.tt/18HRGOx
- login.myapp.com sign the user in hand hands them an access token and redirects user to http://ift.tt/1wOnqqg{token}
- Myapp boots again only this time it finds a valid access token (from the url) and sets some variable that the user is logged in. And then adds the token as header bearer onto all future xhr requests.
Is this a logical login approach? Some fundamental flaws I'm missing? Do you know any tutorials doing something like this? Thanks!
Aucun commentaire:
Enregistrer un commentaire