Egghead.io has a great premium series on using JWT for authentication. PluralSight has one as well.
On Thursday, February 5, 2015 at 10:56:04 PM UTC-5, Jeff Hicks wrote: > > Hi Everyone, > > I am trying to put together a good design for a JWT token auth solution. > > I have an external application that passes a JWT token to my application > each time it makes a request. I need to get this token from the request, > decode it, and auth it before letting the request go through. If the auth > passes, then the app will allow access, if not, a simple not authorized > message should be displayed. This is a little different than most of the > examples for simple authentication that I have seen as most have a login > form that the user enters values into.. > > My approach so far has been to implement an Auth Interceptor on every > request that calls an Account service. The Account service does the > validation work and sets the account token to the $window.session if the > authentication is successful. If not, it would return 401 on failure. I am > looking for a little validation if this idea holds any weight or not. > > If anyone has a better idea I would appreciate any input you may have. > > Thanks, > > Jeff > -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
