authstate.js

Sites.AUTHSTATE = SC.State.design({
  initialSubstate: 'CHECKSESSION',
  
  CHECKSESSION: SC.State.plugin('Sites.CHECKSESSION'),
  
  SHOWLOGIN: SC.State.plugin('Sites.SHOWLOGIN'),
  
  AUTHENTICATING: SC.State.plugin('Sites.AUTHENTICATING'),
  
  AUTHENTICATED: SC.State.plugin('Sites.AUTHENTICATED')
});

statechart.js

Sites.statechart = SC.Statechart.create({
  
  rootState: SC.State.design({

    substatesAreConcurrent: true,

    AUTHSTATE: SC.State.plugin('Sites.AUTHSTATE'),

    MAINSTATE: SC.State.plugin('Sites.MAINSTATE')

  })
  
});

Essentially, your app has two states:

• an authentication state, which contains all the logic regarding authentication
• a main state, containing everything else

These two states are concurrent, because your app can lose the authentication / session at any moment, which should not cripple your app, but simply allow you to superimpose a login option and after successful authentication let the user continue where they were.

The AUTHSTATE deals with setting up everything around the authentication. The initial substate is the CHECKSESSION state, because you want the app to first check whether the user perhaps already has a session (because of a reload for example). If it hasn't, it should transfer to the SHOWLOGIN state, which simply shows the login screen. If someone then fills in the authentication data, pressing the login button will transfer them to the authenticating state, which will contact the server. If the auth is ok, it goes to authenticated, otherwise it goes back to showlogin.