[I am looking for a reliable authentication mechanism for rails-api/SPAs and I am wondering about the addition of a “TokenStore”]
I have been using Rails 4 for about two years and have found it to be very reliable.
For a newer projects, because of the SPA (Single Page Application) trend, I have decided to try rails 5’s api mode.
However I find myself in an unsure position: while in “older applications” Devise was “the go-to” solution, for SPA and rails-api, there is no clear solution.
Before proceeding, I’d like to state one strong conviction I have: security related code should be “battle tested” - and one way to achieve this is to have a solution used by a majority of developers (as Devise is/was).