Auth support

[rmg]

I tried an approach almost identical to this on a app a while back and I'm curious how you would handle authentication and other things that would be common to all the sub apps.

One option is to make all that common session handling functionality a separate express app as well, and use it as middleware for the host app. The downside there is your subapps end up depending on things provided by the host which then need to be exposed to them somehow.

[mxriverlynn]

i haven't yet done this... but i am planning to keep authorization rules separate in each app. i've previously done things like creating a completely separate admin.example.com sub-domain, so i can separate authorization rules between public site and admin site

as for authentication... that's going to be interesting, since i'll be using the same authentication everywhere. maybe there's a way i can forward authentication through to the sub-apps. i'll have to dig into that, once i get an app up and running with authentication needs.

[rmg]

The request object will be shared from host to sub app, so as long as your sub apps can "trust" the host app, they can just read the session info directly from req.session, req.user, or whatever else you want to hang off of your request objects. I'm not a fan of the way that leaks concerns between apps, though, so I'm curious to see if you come up with a different approach.

[FredLackeyOfficial]

@rmg : IMHO this would depend on our definition of an "app" and the purpose behind clustering them into one directory structure or "solution". For me, an app is generally defined by the user experience and the solution defined by the node instance. All of the apps are hosted in this one solution are all relevant to one another, (ie, WebAdmin, Members, Entrance, etc.). If this is true then all apps share concerns within the overall solution and, for that reason, sharing the request data (ie req.user) should be fine. Once a cluster of apps pertain to a completely separate solution (ie a dating app, a web store, a client's web app, etc.) then I would move them to a different server / VM, or at least the node instance, and physically separate them.

[mxriverlynn]

i'm in the same boat as @SkydiverFL on this one - what i mean by "app" is a sub-app to compose a larger app, where the sub-apps are all going to use the same core setup and sharing the info through the request will be what i want

and i do have this working in one of my apps, now. authentication is handled in the host app, and all of the sub-apps respect that correctly, through the request object.

i'm quite happy with the way this is working, so far

[ShabbirDev]

Hi, at first I thank you for this repo. It really helped me in a great way. I followed your structure to create sub-apps. I re-structured one of my existing app. It perfectly works on my local server. But after pushing it to live this suffix '/index.html.var' is added to my route. for example my actual route is "/api/customer/filter_types" but it ends up to "/api/customer/filter_types/index.html.var" . I have been looking for the bug for two days, Still no luck. Your help will be greatly appreciated.