Hello There!
I’m @patricksroberts.
I work at @iorahealth.
Slide 3
Slide 3 text
DISCLAIMER
Slide 4
Slide 4 text
I have no clue what I’m
doing here
Slide 5
Slide 5 text
We started with the monorails
backed by BackboneJS
Slide 6
Slide 6 text
We began to break the monorails app into services
Slide 7
Slide 7 text
Snowflake is our authentication service/app.
It is an OAuth 2.0 provider — it can provide a secure token for anything that speaks HTTP
Slide 8
Slide 8 text
But it’s hard to connect our rich client apps directly to our services
- browsers cannot initiate connections to other origins
- Servers cannot do it easily either
Slide 9
Slide 9 text
So I think it’s lame.
- we should have a protocol that allows it
Slide 10
Slide 10 text
The idea is simple:
- We do an AJAX options request for a resource
- The server confirms what request types / headers are allowed
- The server can limit specific origins or restrict to specific origins as well