How would I do authentication and authorization in a single page
application running with Rails as the backend?
Any recommendations?
This doesn’t quite answer your question, sorry, but this is how I handle
it…
For security reasons, I don’t start my single page app unless the user
is
already logged in. That is, my splash screen is just a regular page,
using
Devise, and it does the standard POST when the user clicks the log in
button. It is only when they are logged in do I download anything and
fire
up the ajax.
That just feels safer from anyone viewing the page source: you need to
be
trusted to see any interesting page source at all.
On Thu, Mar 21, 2013 at 9:41 AM, Johan V.
For one-page or bigger solution - I would read Chapter 8 from the
http://railstutorial.org book. It describes a do-it-yourself (and hence,
fully customizable) solution based on SessionsHelper. The solution
provides
authentication which is persistent ower browser window close (by help of
cookies, of course).
I am just going through that book myself, so I am just a newbie. Based
on
your question, I would guess that so are you. 
- Jussi
Yes, I am a newbie. 
I’m also reading that book but I’ve yet got to that chapter.