I'm new to Sails but one of my hopes is to get JWT auth going for my API. I don't need sessions as mentioned above so waterlock seems perfect. What has me a little concerned though is it doesn't seem to compliment the sails-permissions module and it also doesn't use passport thus limiting some of the authentication methods possible. I'm also having a little trouble understanding the flow, should/could I use waterlock to generate the JWT and then sails-auth+sails-permissions along with the passport-jwt strategy? Thanks!