Auth0 and Angular 2: login and routing failing using the login widget
Question
I am starting to develop web applications and chose Angular 2 as the front-end framework. I'm currently trying out Auth0 for user authorisation. The problem is as follows: I am trying to implement a landing page login -> redirect functionality. Immediately after opening the website it should check if there is a user's token in the localStorage and then either show the login widget or redirect to the home page. But I have ran into this very nasty bug:
When i'm logging in, the page refreshes and the widget appears again: tokenNotExpired() for some reason returns false . I press to login again with the same credentials - page refreshes, login widget disappears, logging shows that tokenNotExpired() is returning true now, but my redirect still doesn't work. If I now just enter my base address, http://localhost:4200 , it successfully redirects me to home and tokenNotExpired() returns true .
I tried debugging it but without any luck - I can't find where it is failing.
Essentially, I am very sure there are problems in the way I approach coding the redirect feature, since my lack of experience. I would very kindly appreciate any help, been sitting on this for a while.
I'm including excerpts of my code omitting the redundant parts. I am injecting the Auth service globally by bootstrapping it in main.ts.
app.routes.ts:
import {provideRouter, RouterConfig} from "@angular/router";
import {AuthGuard} from './secure/auth.guard';
import {AdminGuard} from "./secure/admin.guard";
import {UserHomeComponent} from "./main/user-cpl/user-home.component";
import {AdminHomeComponent} from "./main/admin-cpl/admin-home.component";
import {LoginPageComponent} from "./login/login-page.component";
const APP_ROUTES: RouterConfig = [
{ path: 'home', canActivate: [AuthGuard],
children: [
{ path: '', component: UserHomeComponent },
{ path: 'admin', component: AdminHomeComponent, canActivate: [AdminGuard] },
] },
{ path: 'login', component: LoginPageComponent },
{ path: '', redirectTo: 'home', pathMatch: 'full' },
{ path: '**', redirectTo: 'home', pathMatch: 'full' }
];
export const APP_ROUTES_PROVIDER = [
provideRouter(APP_ROUTES)
];
login-page.component.ts:
import {Component, OnInit} from '@angular/core';
import {ROUTER_DIRECTIVES, Router} from '@angular/router';
import {Auth} from '../secure/auth.service';
@Component({
moduleId: module.id,
selector: 'login-page-component',
template: `
<router-outlet></router-outlet>
`,
directives: [ROUTER_DIRECTIVES]
})
export class LoginPageComponent implements OnInit {
constructor(private auth: Auth, private router: Router) {
}
ngOnInit():any {
console.log('LOGGED IN - ' + this.auth.loggedIn());
if (this.auth.loggedIn()) {
if (this.auth.isAdmin()) {
this.router.navigate(['/home/admin']);
} else if (!this.auth.isAdmin()) {
this.router.navigate(['/home']);
}
} else {
this.auth.login();
}
}
}
auth.service.ts:
import {Injectable} from '@angular/core';
import {tokenNotExpired} from 'angular2-jwt';
declare var Auth0Lock: any;
@Injectable()
export class Auth {
// Configure Auth0
lock = new Auth0Lock('omitted', 'omitted', {
closable: false
});
//Store profile object in auth class
userProfile: any;
constructor() {
// Set userProfile attribute if already saved profile
this.userProfile = JSON.parse(localStorage.getItem('profile'));
// Add callback for lock `authenticated` event
this.lock.on("authenticated", (authResult) => {
localStorage.setItem('id_token', authResult.idToken);
// Fetch profile information
this.lock.getProfile(authResult.idToken, (error, profile) => {
if (error) {
// Handle error
alert(error);
return;
}
localStorage.setItem('profile', JSON.stringify(profile));
this.userProfile = profile;
});
});
}
login() {
this.lock.show({
callbackUrl: 'http://localhost:4200/home'
});
}
logout() {
localStorage.removeItem('profile');
localStorage.removeItem('id_token');
this.userProfile = undefined;
}
loggedIn() {
return tokenNotExpired();
}
isAdmin() {
return this.userProfile && this.userProfile.app_metadata
&& this.userProfile.app_metadata.roles
&& this.userProfile.app_metadata.roles.indexOf('admin') > -1;
}
}
auth.guard.ts:
import {Injectable} from '@angular/core';
import {Router, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
import {CanActivate} from '@angular/router';
import {Auth} from './auth.service';
@Injectable()
export class AuthGuard implements CanActivate {
constructor(private auth: Auth, private router: Router) {
}
canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
if (this.auth.loggedIn()) {
console.log('AUTH GUARD PASSED');
return true;
} else {
console.log('BLOCKED BY AUTH GUARD');
this.router.navigate(['/login']);
return false;
}
}
}
admin.guard.ts:
import {Injectable} from '@angular/core';
import {Router, ActivatedRouteSnapshot, RouterStateSnapshot} from '@angular/router';
import {CanActivate} from '@angular/router';
import {Auth} from './auth.service';
@Injectable()
export class AdminGuard implements CanActivate {
constructor(private auth: Auth, private router: Router) {}
canActivate(next: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
if (this.auth.isAdmin()) {
return true;
} else {
return false;
}
}
}
1 answers
solution1
5 ACCPTED 2016-10-24 08:33:51
You must set redirect: false in the configuration since it is a single page app. Auth0 will otherwise make a GET call to the redirectUrl . This call is preventing your authenticated event from firing up. Thus, in your auth.service.ts file:
lock = new Auth0Lock('omitted', 'omitted', {
closable: false,
auth: { // <--- mind this nesting
redirect: false
}
});
This will invoke the 'authenticated' event in the service on login. You probably also want to redirect the user once login is done. Thus, in the callback invoke this._router.navigate(['path']) . Don't forget to import { Router } from 'angular/router' and creating an instance in the constructor: constructor(private _router: Router) {} .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.