FrontEnd/Backend Devise Separation
135 views
Skip to first unread message
Fer Martin
Sep 27, 2011, 2:22:10 AM9/27/11
to Devise
Hi guys,
I'm starting company and we are using rails 3 with devise.
I want to separate backend and frontend completely (restful http oauth
token-based backend // active resource web frontends + mobile apps),
and I've been wondering about the integration with devise for this.
I feel devise is so highly coupled with models, controllers and
routing, which makes it awesome to have your stuff running fast, but
also it will be quite hard to decouple it between the frontend and the
backend.
Basically, I want to store all the data in the backend and then let
the frontend apps use a token based auth for everything. The views
(signing-signup) must be in the frontend, but the controller actions
will be in the backend.
Do you have any advice on how to approach this? I would sincerely
appreciate it!
Cheers!
F3r
I'm starting company and we are using rails 3 with devise.
I want to separate backend and frontend completely (restful http oauth
token-based backend // active resource web frontends + mobile apps),
and I've been wondering about the integration with devise for this.
I feel devise is so highly coupled with models, controllers and
routing, which makes it awesome to have your stuff running fast, but
also it will be quite hard to decouple it between the frontend and the
backend.
Basically, I want to store all the data in the backend and then let
the frontend apps use a token based auth for everything. The views
(signing-signup) must be in the frontend, but the controller actions
will be in the backend.
Do you have any advice on how to approach this? I would sincerely
appreciate it!
Cheers!
F3r
Jeffrey Jones
Sep 27, 2011, 6:54:01 AM9/27/11
to plataforma...@googlegroups.com
Aoih
I was doing the same thing but in the end I decided to ditch OAuth for CAS:
ClassyCAS server as a base for the single sign-on app.
A Back-end User Management application (Basic rails app) which ClassyCAS
uses to authenticate (And other apps use for authorization checking).
Client applications running Devise + oa-enterprise for CAS integration.
Client applications accessing the User Management App for user
integration. (You could go the active-resource way for this)
Because we are using a central Mgt. Service and don't need external
identity providers etc. I ultimately decided against using OAuth.
Depending on your you manage your users it might be an option for you.
Fer Martin
Sep 27, 2011, 12:24:07 PM9/27/11
to Devise
Hi Jeffrey,
Thanks so much for your reply! Unfortunately, ClassyCAS cannot be an
option for us:
[1] We are using different authentication providers (self, facebook,
twitter, openId,...)
[2] We need an independent token-based authentication (logout of
mobile app shouldn't log you out of website)
And of course, we would like to tweak as little as possible of the
devise code...
/f3r
Thanks so much for your reply! Unfortunately, ClassyCAS cannot be an
option for us:
[1] We are using different authentication providers (self, facebook,
twitter, openId,...)
[2] We need an independent token-based authentication (logout of
mobile app shouldn't log you out of website)
And of course, we would like to tweak as little as possible of the
devise code...
/f3r
Reply all
Reply to author
Forward
0 new messages