Need a good user auth solution. What is yours?

Hi, i working on application with user authentication from server and i want to ask how do you authenticate your users in ionic app.

Here is how i do it:
I use on rail server. In app side i use ng-auth-token gets token from server and stores it to localStorage. So every request and response have token in header. Server is configured not to refresh token after every request, but keep it. Actually it works good mostly.

But here what problem i faced now. iOs sometimes clear localstorage and user is logged out randomly. I found solution to use or sqlLite. As usually it not so easy :slight_smile:
ngAuthToken offers possibility to config your custom storage with three methods to set, retrieve and delete items. (auth token saves tokens there)

  • First problem is that custom storage is configured in app.config and $cordovaNativeStorage is reachable only when app is ready.
  • Second, even if somehow i manage to access $cordovaNativeStorage it return promises, which ng-auth-token is not support as response from storage.

Anyway i stucked here with question. Should i reimplement easier way without ng-auth-token or there is some solution here? Thank you :slight_smile:

I’m currently doing something similar to you using JWTs from our auth service. Storing the JWT in local storage, and in the runtime once loaded (for faster access). In the even that localstorage is wiped for whatever reason, or the JWT token expires, the user is simply logged out. That’s what we have implemented here, and it’s not a big issue, as you don’t want to be storing username:password somewhere in the client to fetch a new token. Yes you could use some other form of storage like you have mentioned for longer persistence.

I don’t know what you mean it returns promises? Simply wait for the response from the promise, and then pass to ng-auth-token?

1 Like

Ho do you keep data if ios clears it? Promises are js asynchronous solution. It returns object that need not have implemented then(). I think you should know how it works. Also ng-auth-token assuming it will be immediately returned value and i dont want to change their finctionality.