Token based authentication

angular-fullstack / generator-angular-fullstack

Yeoman generator for an Angular app with an Express server

https://awk34.gitbook.io/generator-angular-fullstack

6.13k stars 1.24k forks source link

Token based authentication #295

Closed programming-kid closed 10 years ago

programming-kid commented 10 years ago

It would be nice to have token based authentication in 2.0 release @DaftMonk do you have any plans to include token based authentication in fullstack .

Thanks

JaKXz commented 10 years ago

Yes, please see the wiki.

programming-kid commented 10 years ago

cool but there is one thing i dont understand , if authentication is based on jwt why is there a sessions collection created . as per my understanding whole point of jwt is to eliminate sessions , rather use tokens .

Can anyone pls explain auth process or point to some ref article .

DaftMonk commented 10 years ago

Sessions are only used for the twitter oAuth passport strategy: https://github.com/jaredhanson/passport-twitter/issues/43

programming-kid commented 10 years ago

i just generated a app without including twitter oauth it still creates session collection

{
 _id: "8RD2jKBCO6MfyhsPD8QKzEDf",
 session: "{\"cookie\":{\"originalMaxAge\":null,\"expires\":null,\"httpOnly\":true,\"path\":\"/\"}}",
 expires: ISODate("2014-07-17T07:40:04.109Z") 
}

is this the expected behavior ??

DaftMonk commented 10 years ago

It is expected, but I probably should make the sessions depend on using twitter oAuth

programming-kid commented 10 years ago

yep :+1: