I am new to Angular. I am developing a simple login form in which the entered username is compared with the username returned from the JSON request. If a match is found, the login is processed.
I feel like I am doing this, it is unsafe, am I right in thinking that the returned JSON string can be accessed through the browser console?
In the near future I will add a password to verify the password, as soon as I understand how to do it correctly.
I would like to point in the right direction to the issue of user login in Angular way.
app.js
angular.module('userApp', ["ngResource"]). config(['$routeProvider', function($routeProvider) { $routeProvider. when('/login', {templateUrl: 'partials/login.html', controller: LoginCtrl}). when('/loggedin', {templateUrl: 'partials/user-admin.html', controller: UserCtrl}). otherwise({redirectTo: '/login'}); }],[ '$locationProvider', function($locationProvider) { $locationProvider.html5Mode = true; }]). factory("User", function($resource) { return $resource("users/:userId.json", {}, { query: {method: "GET", params: {userId: "users"}, isArray: true} }); });
controllers.js
function LoginCtrl($scope, $route, $routeParams, $location, User) { $scope.users = User.query(); $scope.loginUser = function() { var loggedin = false; var totalUsers = $scope.users.length; var usernameTyped = $scope.userUsername; for( i=0; i < totalUsers; i++ ) { if( $scope.users[i].name === usernameTyped ) { loggedin = true; break; } } if( loggedin === true ) { alert("login successful"); $location.path("/loggedin"); } else { alert("username does not exist") } } }
source share