I should also mention I'm trying to integrate Firebase, but I would like to do authorization on my end, I'm just not sure how to implement that.
On Thursday, February 21, 2019 at 5:14:38 PM UTC-5, Marcus Mann wrote: > > If I have an application with a separated frontend and backend (Vue on > frontend) that has some basic permissions, and I am using two types of > providers (email, and google), what is the recommended way of implementing > authentication and authorization? > > Do I have a table on the backend where I store the Google refresh token, > access token, and other basic user info that gets refreshed on each Google > login, and then the email login in the same row? And then for the > authentication, what do I send to the user for the actual auth policies? > The userid? > > I swear I have searched a ton to try and find a good implementation, but > there doesn't seem like a consice way of implementing something like this > with a seperated frontend and backend. > > Also, is there a preference for JWT vs AuthTkt? > > Thanks in advance! > > Marcus > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/9f56cfb5-8a71-4b54-80b2-c924373bd89d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
