search

linnovate / mean

The MEAN stack uses Mongo, Express, Angular(6) and Node for simple and scalable fullstack js applications
http://mean.io
12.12k stars 3.45k forks source link

[Enhancement] Integrate login / signup with angular app #19

Closed facultymatt closed 11 years ago

facultymatt commented 11 years ago

Currently the signup, login pages are jade templates served up by express. In my opinion, it would be ideal to instead convert them to RESTful api endpoints, and handle the logging in / templating thorough angular.

This would keep the experience more cohesive to the end user. It would also eliminate the need for jade templating (just send every non API request to index.html). It would also open the possibility of exposing a whole slew of auth related endpoints, ie: api/login api/signup api/signout api/reset_password etc.

Thoughts?

facultymatt commented 11 years ago

See https://github.com/linnovate/mean/issues/18 for related discussion.

remicastaing commented 11 years ago

It was my point in #9. I would prefer to separate the Angular part from then ME-N part.

facultymatt commented 11 years ago

From my experience, MEAN apps are just AngularJS apps working on top of an API built with Mongoose Express and Node. Technically it could be a MEBA (Backbone) or any other front end framework a dev wanted to use. I use AngularJS because its the strongest and most elegant frontend framework out there (as most of us could agree)

Since Angular, Backbone, etc. el are all frontend MVC libraries made to consume RESTful API's, if you're not consuming instagram, twitter, etc. APIs you need to create you own. This leaves a developer looking for the quickest and most robust way to frame out a secure API. ie: auth, collections, models, notifications, etc.

This is where MEAN.io comes in. Quite frankly, there are a number of other frameworks that are similar: SailsJS, Delployd, Parse, Firebase, etc. all provide out of the box RESTful apis. However, MEAN.io is different, and needs to stand apart from the crowd. This deserves a separate discussion, so for now...

If we move all the sign-up and out to the RESTful controller, we have have a setup similar to: 

// RESTful login
app.post('/api/singup', user.create());
app.get('/api/signin', session.create());
app.get('/api/singout', session.end());

// Send all all other requests to index.html
// this is where our angular app is located
app.get('/*', function(req,res,next) { res.redirect('/')});

This allows the developer much greater flexibility in their app. Lets say you didn't want to have a signup page at all - instead you have a signup model. Or, maybe the signup form is integrated into the main page. No problem, handle these cases in Angular and just talk to the right API endpoint. This is only possible when all functionality is handled through REST.