I’m looking to write a single-page web application using RoR for the backend and Backbone (amongst other things) for the front-end. As with most things, the app will require the user to sign in (authentication easily handled with RoR and the database), but I’m confused as to how I would go about performing tasks with Backbone that require authentication. Because everything’s client-side, it seems to me that I can’t pass, for example, the user’s ID to the backend as that’d be easy for somebody to discover.

Basically, how do I replicate a session-based authentication mechanism with Backbone?