Geek Answers Handbook

AngularJs executed user input permissions

Background

I am creating an application that displays various content on a page depending on whether the user is registered or not. (using ng-if) I don’t want to redirect users to separate routes depending on the login state. AngularJs is the best way to restrict access to "registered" users

I have a server check to make sure that only plausible registered users can change, but I would like users to not view specific content. I'm not sure the best way to do this. Now I'm sure this is bad.

  • Angularjs
  • Rails 4

In my static html.erb file

<script>
    window.loggedin = <%= signed_in? %>; 
</script>

In my Rails controller

class ApplicationController < ActionController::Base
    helper_method :signed_in?

    private

    def current_user
        return nil if !session[:session_token]
        @user ||= User.find_by_session_token(session[:session_token])
    end

    def signed_in?
        !!current_user
    end
end

In my angular controller

$scope.loggedIn = function(){
    return window.loggedin;
};

Question

( "" ) ?

+4
1

() . , , . , .

, Angular , . , $scope.loggedIn. , .

window.loggedIn, . , . , .

, :

  • ,

  • factory, . , - . ,

  • (, $rootScope? ?)

:

.controller("ApplicationController", function($scope, AuthService) {
  $scope.isAuthenticated = function() {
    return AuthService.isAuthenticated();
  };
});


.service("AuthService", function($http, UserSession) {
   this.login = function() { ... };
   this.logout = function() { ... };
   this.isAuthenticated = function() {
     return UserSession.exists();
   };
});

Factory

.factory("UserSession", function() {
  var currUserId = null;
  return {
    createSession: function(userId) {
      currUserId = userId;
    },
    destroySession: function() {
      currUserId = null;
    },
    exists: function() {
      return currUserId !== null;
    }
  }; 
});

HTML

<div ng-if="isAuthenticated()"> ... </div>

, , . , , .

+3

More articles:


All Articles