angularjs - How do you protect /handle authenticated routes with ui-router? -


just started using angular , i'm trying learn fast can. i'm relatively new spa's please bear me , feel free tell me if want not feasible. i'm stuck on now, how protect routes when using ui-router?

what want do?

there routes don't want non-logged in users access. example, /home , /login okay anonymous users.
/dashboard should logged in.

i want if user tries access /dashboard in future without being logged in, not able to.

what have tried?

i have tried using angular-permission module found here: https://github.com/narzerus/angular-permission problem is..i'm not quite sure how use (nor if i'm using properly).

what happening?

in login controller, once user submits username , password makes /post web-sever. once gets result, (regardless of moment) i've got redirecting /dashboard.

right nothing should getting /dashboard because no permissions have been set, yet (incorrectly) allowed see dashboard. can both (1) redirected dashboard without permission , (2) access /dashboard without permission.

what code right now?

controllers.js

var controllers = angular.module('controllers',[]) // login controller -- handles login page user can enter // enter username & password. controllers.controller('logincontroller', function($scope, $state,$location, loginservice){     $scope.email = "";     $scope.password = ""      $scope.login = function(){         var data = ({email:"test", password: "ayylmao"})         loginservice.login(data).then(function(res){             console.log(res);         })         .catch(function(err){             console.log("error!");             console.log(err);             $state.go('dashboard')         })     } })

app.js

//definition: parent module var myapp = angular.module('clipboardapp', ['services','controllers', 'permission','ui.router']);  //code below taken angular-permission docs. angular   .module('foomodule', ['permission', 'user'])   .run(function (permissionstore, user) {     // define anonymous permission)     permissionstore       .definepermission('anonymous', function (stateparams) {       // if returned value *truthy* user has permission, otherwise don't.         //true indicates anonymous.         //always returning true indicate it's anonymous         return true;       });   });    //this serving router. myapp.config(function($stateprovider, $urlrouterprovider, $locationprovider) {      //by default go     $urlrouterprovider.otherwise('/home');      //views     $stateprovider         .state('home', {             url: '/home',             templateurl: 'views/home.html',         })         .state('login', {             url: '/login',             templateurl: 'views/login.html',             controller:  'logincontroller'         })         .state('dashboard', {             url: '/dashboard',             templateurl: 'views/dashboard.html',             controller: 'dashboardcontroller',             data: {               permissions: {                 except: ['anonymous'],                 redirectto: 'login'               }             }           });  });

here working example secured routes. in example state start app. go via auth interceptor. $transitions.onbefore hook can use follows satisfy requirement. 

.run(($transitions, $state, $injector) => {     $transitions.onbefore({       to: 'app.**'     }, () => {       const $window = $injector.get('$window');       if (!$window.sessionstorage.getitem('user')) {         return $state.target('login', $state.transition.params());       }       return true     });   });

https://plnkr.co/edit/zcn2hb34mmembjulyaaj?p=info


Comments

Post a Comment

Popular posts from this blog

javascript - jQuery: Add class depending on URL in the best way -

i have html progress meter: <div class="col-md-3" style="margin-left: -20px;"> <div class="progress-pos active" id="progess-1"> <div class="progress-pos-inner"> login </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-2"> <div class="progress-pos-inner"> scan items </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-3"> <div class="progress-pos-inner"> confirm address </div> </div> </div> <div class="col-md-3 progress-pos-container"> <div class="progress-pos" id="progess-4"> <div class="progress-pos-in
Read more

caching - How to check if a url path exists in the service worker cache -

i need check if particular url path exists in service worker cache. example, suppose url is: /myserviceworker/service?a=110&b=70 this url exists in cache, there many of them different values of , b. now, suppose want refresh of these urls, how can that? i want know how access key values service worker cache. if know key, plan follows: var url = new url(key); if(url.pathname === "\/myserviceworker/service") refetch key but not sure how cache key , in format is. mean, string or url? cache api has match() method returns promise resolving in response object if match or undefined if no match exists. second parameter object can specify ignoresearch not take account url parameters. the ignoresearch option supported firefox ( chrome status here ). in other hand, retrieve cache entries, can use keys() method.
Read more

Redirect to a HTTPS version using .htaccess -

i need modify .htaccess file redirect urls https version without "www". http://example.com --> https://example.com http://www.example.com --> https://example.com https://www.example.com --> https://example.com this how .htaccess file looks like: rewriteengine on rewritecond %{request_filename} !-d rewritecond %{request_filename} !-f rewriterule ^(.*)$ redirect.php?id=$1&page=$2 [qsa,l] what modifications need make .htaccess in order forward https without "www"? it depends on doing current code. looks file called redirect trying display php page seo friendly url. think might confusing people. anyway, need , force https without www, need 1 more rule above. also second rule needs two capture groups in rewriterule test string because wanting 2 different values using $1 , $2 references. rewriteengine on #rediect www non www and/or http https --- combinations. rewritecond %{http_host} !^example\.com [nc,or] rewritecond %{https} !^
Read more