If I have an application with a separated frontend and backend (Vue on frontend) that has some basic permissions, and I am using two types of providers (email, and google), what is the recommended way of implementing authentication and authorization?
Do I have a table on the backend where I store the Google refresh token, access token, and other basic user info that gets refreshed on each Google login, and then the email login in the same row? And then for the authentication, what do I send to the user for the actual auth policies? The userid? I swear I have searched a ton to try and find a good implementation, but there doesn't seem like a consice way of implementing something like this with a seperated frontend and backend. Also, is there a preference for JWT vs AuthTkt? Thanks in advance! Marcus -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to pylons-discuss+unsubscr...@googlegroups.com. To post to this group, send email to pylons-discuss@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/pylons-discuss/cf4d4003-38b3-470a-bc8b-ff1df07a5f4a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
