{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 太酷不给撩 的问题《Marionette.js with Rails (Devise) Authentication》','https://www.manongdao.com/q-400957.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Curious as to how people usually handle this. My strategy is to have an authorized root route and unauthorized root route.
The authorized users get sent directly to my marionette.js single page application and unauthroized users get sent into a standard rails landing page with the option to login or register.
It seems you could combine these all into your single page application. You could show/hide ui elements based on a class you attach to elements based on the authorization needed to see them (registered, admin, moderator, etc). You could also add some kind of "before_filter" to your router's that can check whether or not the user can access this route given their role.
I'm not sure exactly how you would handle login / registration in this case. You could setup your own api routes that get POST'd to which hand-off the work to devise?
Thoughts? Strategies? What seems best practice here?
I find it painful and unnecessary to try and make Backbone/Marionette handle the authentication and re-loading of the authorized site stuff. Once they log in, redirect them to a different URL that the server handles, and have the server send down all the stuff that they need, as an authenticated user.