I am using Aurelia and loving it! Aurelia is really refreshing given the alternatives.
However there is a needless steep learning curve on Aurelia; which can be bridged by up-to-date documentation. Currently there is a gap between documentation and reality.
For example, hunting down the fact one needs to prefix PLATFORM.moduleName() to
.plugin(‘aurelia-authentication’, {baseUrl: ‘https://api.example.com/auth’}) for the recommended (cli) way of building an aurelia app took about 5 hrs after not a straightforward search path.
I have read up on several articles on securing the aurelia app including :
https://aurelia.io/docs/fundamentals/security
amongst others
I have implemented the naive “dual app root” method without really session management (in the sense that if i refresh the browser, it reverts back to logged-out version). I have installed & configured aurelia-authentication ; but need guidance in implementation.
I wish to understand the best (read quickest) way to implement aurelia-authentication (preferably step-by-step) for the purposes of securing a aurelia app for a “dual app root”. The authenication and authorization information is expected to be locally stored (not social media providers) . I am wary of older articles because Aurelia has changed a lot in the recent year or so. What is a good place to start?