Add secure Angular route
simonholmes committed Aug 19, 2015
1 parent e180f38 commit 528f503
Showing 10 changed files with 57 additions and 21 deletions.
5 changes: 5 additions & 0 deletions app_api/config/passport.js
@@ -7,7 +7,12 @@ passport.use(new LocalStrategy({
usernameField: 'email'
},
function(username, password, done) {
console.log("Finding user: " + username + ";" + password);
User.findOne({ email: username }, function (err, user) {
console.log("user found");
console.log(user);
console.log("err found");
console.log(err);
if (err) { return done(err); }
// Return if user not found in database
if (!user) {
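Review bot: The added `console.log("Finding user: " + username + ";" + password);` writes every submitted password in plaintext to the server log, and `console.log(user);` dumps the whole user document, which presumably includes the stored password hash and salt. Logs are normally readable by more people and systems than the credential store, so these debug lines should be removed before merging; if a trace is needed, log the email only, e.g. `console.log("Login attempt: " + username);`. The rendered page has lost its +/- markers, so treating the five console.log lines as the section's five additions is an inference from the diffstat. The strategy callback continues past the end of the hunk.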
4 changes: 1 addition & 3 deletions app_api/controllers/authentication.js
@@ -1,4 +1,4 @@
// var passport = require('passport');
var passport = require('passport');
var mongoose = require('mongoose');
var User = mongoose.model('User');

@@ -8,7 +8,6 @@ var sendJSONresponse = function(res, status, content) {
};

module.exports.register = function(req, res) {
console.log("Registering user: " + req.body.email);

// if(!req.body.name || !req.body.email || !req.body.password) {
// sendJSONresponse(res, 400, {
@@ -36,7 +35,6 @@ module.exports.register = function(req, res) {
};

module.exports.login = function(req, res) {
console.log("Logging in user: " + req.body.email);

// if(!req.body.email || !req.body.password) {
// sendJSONresponse(res, 400, {
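Review bot: The required-field checks at the top of `register` and `login` are still commented out (`// if(!req.body.email || !req.body.password) {`), so in the visible lines a request with a missing email or password is not refused with a 400, while this section apparently switches the passport require back on. Re-enable both guards rather than leaving them as dead comments, so malformed requests are rejected before a user object is built or the strategy runs. Both function bodies continue outside the hunks, so a later check may exist that this page does not show.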
2 changes: 1 addition & 1 deletion app_api/routes/index.js
@@ -2,7 +2,7 @@ var express = require('express');
var router = express.Router();
var jwt = require('express-jwt');
var auth = jwt({
secret: process.env.JWT_SECRET,
secret: 'MY_SECRET',
userProperty: 'payload'
});
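Review bot: The JWT verification secret is hard-coded as `secret: 'MY_SECRET',` where the other line of the pair reads it from `process.env.JWT_SECRET`; the page prints the environment lookup first, so the literal looks to be the new side. A secret committed to the repository is known to everyone with read access, and anyone who knows it can produce tokens that `auth` accepts for any user. Keep `secret: process.env.JWT_SECRET,` and make startup fail when the variable is unset, e.g. `if (!process.env.JWT_SECRET) { throw new Error('JWT_SECRET is not set'); }`. The code that signs the tokens is not in this section and has to take the same value from the same source.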

2 changes: 1 addition & 1 deletion app_client/app.min.js

Some generated files are not rendered by default.

2 changes: 1 addition & 1 deletion app_client/app.min.js.map

Some generated files are not rendered by default.

15 changes: 8 additions & 7 deletions app_client/auth/login/login.controller.js
@@ -14,14 +14,15 @@
};

vm.onSubmit = function () {
console.log('Submit login form:', vm.credentials);
authentication
.login(vm.credentials)
.error(function(err){
alert(err);
})
.then(function(){
$location.path('profile');
});
.login(vm.credentials)
.error(function(err){
alert(err);
})
.then(function(){
$location.path('profile');
});
};

}
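Review bot: The added `console.log('Submit login form:', vm.credentials);` prints the whole credentials object, which presumably carries the password, to the browser console on every submit. Console output can be picked up by browser extensions, screen sharing and client-side error reporters, so drop the line or log only `vm.credentials.email`. The other changed lines in this section appear to be a re-indentation of the `.login(...)` chain, with no behavioural change visible on this page.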
3 changes: 2 additions & 1 deletion app_client/auth/register/register.controller.js
@@ -9,12 +9,13 @@
var vm = this;

vm.credentials = {
name : "",
name : "Simon",
email : "",
password : ""
};

vm.onSubmit = function () {
console.log('Submitting registration');
authentication
.register(vm.credentials)
.error(function(err){
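Review bot: `name : "Simon"` pre-fills the registration form's name with a fixed value, which looks like a testing leftover; the pair `name : ""` / `name : "Simon"` is printed in the usual old-then-new order, so the literal appears to be the new side. A user who does not notice the field would register under that name. Restore `name : "",` before merging. `vm.onSubmit` continues outside the hunk.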
38 changes: 33 additions & 5 deletions app_client/main.js
@@ -1,37 +1,65 @@
(function () {

angular.module('meanApp', ['ngRoute']);
// .config(config)
// .run(run);


function config ($routeProvider, $locationProvider) {
$routeProvider
.when('/', {
templateUrl: 'home/home.view.html',
controller: 'homeCtrl',
controllerAs: 'vm'
controllerAs: 'vm',
access: {
requiredLogin: false
}
})
.when('/register', {
templateUrl: '/auth/register/register.view.html',
controller: 'registerCtrl',
controllerAs: 'vm'
controllerAs: 'vm',
access: {
requiredLogin: false
}
})
.when('/login', {
templateUrl: '/auth/login/login.view.html',
controller: 'loginCtrl',
controllerAs: 'vm'
controllerAs: 'vm',
access: {
requiredLogin: false
}
})
.when('/profile', {
templateUrl: '/profile/profile.view.html',
controller: 'profileCtrl',
controllerAs: 'vm'
controllerAs: 'vm',
access: {
requiredLogin: false
}
})
.otherwise({redirectTo: '/'});

// use the HTML5 History API
$locationProvider.html5Mode(true);
}

// run.$inject = ['$rootScope', '$location', '$window'];
function run($rootScope, $location, authentication) {
$rootScope.$on('$routeChangeStart', function(event, nextRoute, currentRoute) {
var restrictedPage = $location.path() === '/profile';
var loggedIn = authentication.isLoggedIn();
if (restrictedPage && !loggedIn) {
$location.path('/');
}
});
}

angular
.module('meanApp')
.config(['$routeProvider', '$locationProvider', config]);
.config(['$routeProvider', '$locationProvider', config])
.run(['$rootScope', '$location', 'authentication', run]);


})();
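Review bot: The `access` metadata added to the routes is never read, and `/profile` is marked `requiredLogin: false` even though it is the one route `run` protects; the guard instead hard-codes `$location.path() === '/profile'`. Set `requiredLogin: true` on the profile route and derive the check from the route, e.g. `var restrictedPage = nextRoute && nextRoute.access && nextRoute.access.requiredLogin;`, so a newly added protected route cannot be forgotten in the handler. This guard only controls navigation in the browser; the profile data still has to be protected by the API's `auth` middleware, which this section does not show. The commented-out `// .config(config)`, `// .run(run);` and `// run.$inject = ...` lines can be deleted.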
4 changes: 2 additions & 2 deletions app_client/profile/profile.view.html
@@ -10,11 +10,11 @@ <h1 class="form-signin-heading">Your profile</h1>
<form class="form-horizontal">
<div class="form-group">
<label class="col-sm-3 control-label">Full name</label>
<p class="form-control-static">Simon Holmes</p>
<p class="form-control-static">{{ vm.user.name }}</p>
</div>
<div class="form-group">
<label class="col-sm-3 control-label">Email</label>
<p class="form-control-static">simon@fullstacktraining.com</p>
<p class="form-control-static">{{ vm.user.email }}</p>
</div>
</form>

3 changes: 3 additions & 0 deletions package.json
@@ -10,10 +10,13 @@
"cookie-parser": "~1.3.3",
"debug": "~2.1.1",
"express": "~4.11.1",
"express-jwt": "^3.0.1",
"jade": "~1.9.1",
"jsonwebtoken": "^5.0.4",
"mongoose": "^4.1.2",
"morgan": "~1.5.1",
"passport": "^0.2.2",
"passport-local": "^1.0.0",
"serve-favicon": "~2.2.0"
},
"devDependencies": {