Closed beeplin closed 7 years ago
@beeplin yes you still need both registered on the server side to get the same functionality. This gives you more flexibility however because you can register multiple JWT and Local strategies with different options.
Local is for some version of username/password. JWT is for tokens. You can authenticate your app without using local and instead could use OAuth1/2, API key, SAML, whatever... or you could do like we do in the example app in this repo and just issue JWT access tokens when a user signs up.
From the client's perspective the way you authenticate is the exact same with the exception that `type` is now `strategy`. If you have already authenticated successfully and you call `authenticate()` without anything it will attempt to authenticate with a stored JWT `accessToken`.
Hope that answers your question.
In the old auth (0.7.x) when we use `type = 'local'`, it initially verifies with `email` and `password` and then depends on jwt payload (`params.token` and `params.user`) to tell which user is logged in. If initially no `email` and `password` are provided, it will automatically use the jwt token in localstorage to verify.

Now in the new auth we have two packages, one `local` and one `jwt`. Does that mean we have to use both of the two to achieve the same functionality?