

Ask HN: Best way to authenticate Angular/node app - uberneo

I have been searching around from past few days the best way to authenticate an Angularjs app with Node js as backend.<p>I have come across the link - https:&#x2F;&#x2F;github.com&#x2F;sahat&#x2F;tvshow-tracker&#x2F;blob&#x2F;master&#x2F;server.js , here JSON Web Tokens are getting used so just wondering is it a good security mechanism for Angularjs Apps ? any ideas or inputs?
======
bjacobt
I'm a newbie here, so not sure if this is the best way, but I recently
implemented authentication in AngularJS/Express/Node app using passport.js and
JWT on each request.

Sorry I don't have a write up, but here are some of the tutorials I followed

1\. [https://medium.com/opinionated-angularjs/techniques-
for-](https://medium.com/opinionated-angularjs/techniques-for-)
authentication-in-angularjs-applications-7bbf0346acec

2\. [https://scotch.io/tutorials/authenticate-a-node-js-api-
with-...](https://scotch.io/tutorials/authenticate-a-node-js-api-with-json-
web-tokens)

3\. [https://scotch.io/tutorials/the-ins-and-outs-of-token-
based-...](https://scotch.io/tutorials/the-ins-and-outs-of-token-based-
authentication) <\- This one is good as it gives you an idea of JWT and if it
makes sense to use it in your project.

Edit: improve readability

------
WorldMaker
I really like Mozilla Persona ([http://persona.org](http://persona.org)) and I
think it is a great way to authenticate people. It uses JWTs as part of its
technical stack, but it simplifies a lot of the considerations of working with
them.

Persona is a better federated login system and I think it's a shame more
websites aren't using it. I've blogged/presented on the topic:
[http://blog.worldmaker.net/2015/05/13/mozilla-persona-
talk/](http://blog.worldmaker.net/2015/05/13/mozilla-persona-talk/)

------
codegeek
You can use the "Satellizer" library [0] for angular that uses JWT and can
integrate with node etc. See one blog post that uses satellizer and node:

[https://hackhands.com/building-instagram-clone-angularjs-
sat...](https://hackhands.com/building-instagram-clone-angularjs-satellizer-
nodejs-mongodb/)

[0]:
[https://github.com/sahat/satellizer](https://github.com/sahat/satellizer)

------
theaccordance
Scotch.io has several articles on the topic:
[https://scotch.io/?s=authentication](https://scotch.io/?s=authentication)

------
mjhea0
[http://mherman.org/blog/2015/07/02/handling-user-
authenticat...](http://mherman.org/blog/2015/07/02/handling-user-
authentication-with-the-mean-stack/#.VeJ5-lNViko)

