Hey guys, Looking for some quick guidance before I make a big investment related to refactoring how my app does auth.
I've got a SPA backed by Node.js / Express / Passport. The general auth model today is: User requests / and I serve up index.html if the user is not authenticated. >From here there is a login form which posts to /login and redirects to / with auth set by passport. User requests / and I serve up main.html if the user is authenticated (main.html is the root of my angular app and references all of my Angular / JS client side files) Now, 90% of my app is private and requires the user to be authenticated. However, there is a part where the user can share a link out for anyone to click on and view. I'd prefer to have that link sent out actually take the user to my app but in an un-authenticated / guest mode that can only look at one 'page'. I've also thought about just building a completely parallel angular app that is restricted to guests. Of course, all of the exposed routes which access private data require authentication. Thoughts? Ben -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/groups/opt_out.
