It is curious how people usually deal with this. My strategy is to have an authorized root route and an unauthorized root route.
Authorized users are sent directly to my marionette.js application for one page, and unauthorized users are sent to the landing page of standard rails with the ability to log in or register.
It seems you could combine all of this into a single-page application. You can show / hide ui elements based on the class you attach to the elements, based on the authorization required to view them (registered, administrator, moderator, etc.). You can also add a kind of "before_filter" to your router, which can check if the user can access this route based on their role.
I am not sure exactly how you will handle the login / registration in this case. Could you configure your own api routes that get POST'd for which you need to do this work?
Thoughts? Strategies? What is best suited here?
source share