O'Reilly logo

Mastering Backbone.js by Abiee Echamea

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Implementing OAuth authentication

As we did for Basic Auth, we are going to build a server-side implementation of the OAuth2 protocol. As the Backbone App and Server App are both built by us, the best grant type to choose is Resource Owner Password Credentials Grant.

A difference from Basic Auth is that OAuth2 needs to add an endpoint that is used to issue access and refresh tokens. As described in RFC-6749, the requests made to this endpoint should include the following:

The client makes a request to the token endpoint by adding the following parameters using the "application/x-www-form-urlencoded":

grant_type: REQUIRED. Value MUST be set to "password".

username: REQUIRED. The resource owner username.

Password: REQUIRED. The resource owner password. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required