[英]Mean.js authentication
I'm working with mean.js for the first time and I see there is the Authentication provider already built in. 我第一次使用mean.js,我发现已经内置了身份验证提供程序。
Their test Article page link is hidden if the user is not logged in but if I navigate manually to /articles
I can see the page... 如果用户未登录,则他们的测试文章页面链接被隐藏,但是如果我手动导航到
/articles
,则可以看到该页面...
I think it is not very useful... 我认为这不是很有用...
How can I restrict the access to all pages and redirect the user on the sign in page if not logged in? 如果未登录,如何限制对所有页面的访问并重定向登录页面上的用户?
What I tried so far is: 到目前为止,我尝试过的是:
angular.module('core')
.run(['$rootScope', '$state', '$location', 'Authentication', function ($rootScope, $state, $location, authentication) {
$rootScope.$on('$stateChangeStart', function (event, toState) {
var notRestricted;
if (toState.name === 'page.signin') {
notRestricted = true;
} else {
notRestricted = false;
}
if (notRestricted) {
return;
}
var user = authentication.user;
if (!user) {
event.preventDefault();
$state.go('page.signin');
}
});
}]);
But if I navigate the the home page it start an infinite loop causing the $digest
to crash the app. 但是,如果我浏览主页,则会启动无限循环,从而导致
$digest
使应用程序崩溃。
Can someone help me to do that correctly? 有人可以帮助我正确地做到这一点吗?
I'm going to suggest you extract the Authorization part of Daftmonk's angular full stack - its the best, here is mine auth starter . 我建议您提取Daftmonk的有角全栈的Authorization部分-最好,这是我的auth starter 。
All you need to do is add a boolean in the routes to 'authenticate' like this: 您需要做的就是在路由中添加一个布尔值,以进行“身份验证”,如下所示:
function config($stateProvider) {
$stateProvider
.state('main', {
url: '/main',
templateUrl: 'app/main/main.html',
controller: 'MainCtrl',
authenticate: true
});
This is what the code looks like in the app.js 这就是app.js中的代码
function config($httpProvider) {
$httpProvider.interceptors.push('authInterceptor');
}
function run($rootScope, $location, Auth) {
// Redirect to login if route requires auth and you're not logged in
$rootScope.$on('$stateChangeStart', function(event, next) {
Auth.isLoggedInAsync(function(loggedIn) {
if (next.authenticate && !loggedIn) {
$location.path('/login');
}
});
});
}
function authInterceptor($rootScope, $q, $cookieStore, $location) {
return {
// Add authorization token to headers
request: function(config) {
config.headers = config.headers || {};
if ($cookieStore.get('token')) {
config.headers.Authorization = 'Bearer ' + $cookieStore.get('token');
}
return config;
},
// Intercept 401s and redirect you to login
responseError: function(response) {
if (response.status === 401) {
$location.path('/login');
// remove any stale tokens
$cookieStore.remove('token');
return $q.reject(response);
} else {
return $q.reject(response);
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.