Getting Started with AngularJS 1.5 and ES6: part4

原文

Authentication

In a real world application,it should provide login,registration and logout features for users,and also can identify if a user has the roles or permissions to access the protected resources.

I have set adding post and editing post requires authentication in backend APIs. And it uses a JWT token based authentication to authorize users.

In this client,we use window.localStorage to store the JWT token,it is easy to read and restore authentication without new login.

Create a JWT service to wrap read and write localStorage actions.

class JWT {

  constructor(AppConstants,$window) {
    'ngInject';

    this._AppConstants = AppConstants;
    this._$window = $window;
  }

  save(token) {
    this._$window.localStorage[this._AppConstants.jwtKey] = token;
  }

  get() {
    return this._$window.localStorage[this._AppConstants.jwtKey];
  }

  destroy() {
    this._$window.localStorage.removeItem(this._AppConstants.jwtKey);
  }

}

export default JWT;

The backend APIs provides /auth/login,/auth/signup for login and registration.

logout is no need extra operation on server side. We are using stateless service,there is state need to clean.

Create an Auth service to wrap these operations.

class Auth {
  constructor(JWT,AppConstants,$http,$state,$q) {
    'ngInject';

    this._JWT = JWT;
    this._AppConstants = AppConstants;
    this._$http = $http;
    this._$state = $state;
    this._$q = $q;
    this.current = null;
  }


  attempAuth(type,credentials) {
    let path = (type == 'signin') ? '/login' : '/signup';

    let request = {
      url: this._AppConstants.api + '/auth' + path,method: 'POST',data: credentials
    };

    return this._$http(request)
      .then((res) => {

        this._JWT.save(res.data.id_token);
        this.current = res.data.user;
        return res;
      });
  }

  ensureAuthIs(b) {
    let deferred = this._$q.defer();

    this.verifyAuth().then((authValid) => {
      // if it's the opposite,redirect home
      if (authValid !== b) {
        this._$state.go('app.signin');
        deferred.resolve(false);
      } else {
        deferred.resolve(true);
      }
    });

    return deferred.promise;
  }

  verifyAuth() {
    let deferred = this._$q.defer();

    if (!this._JWT.get()) {
      deferred.resolve(false);
      return deferred.promise;
    }

    if (this.current) {
      deferred.resolve(true);
    } else {
      this._$http({
        url: this._AppConstants.api + '/me',method: 'GET'
      })
        .then(
        (res) => {
          this.current = res.data;
          deferred.resolve(true);
        },(err) => {
          this._JWT.destroy();
          deferred.resolve(false);
        }
        );
    }

    return deferred.promise;
  }

  logout() {
    this.current = null;
    this._JWT.destroy();
    this._$state.go(this._$state.$current,null,{ refresh: true });
  }

}
export default Auth;

The attempAuth is responsive for signin and signup action,use a type to identify them.

The verifyAuth and ensureAuthIs are use for check user authentication status and make sure user is authenticated.

We have generated signin and signup component skeleton codes for this application.

Let's implements signin firstly.

signin.controller.js:

class SigninController {
  constructor(Auth,toastr) {
    'ngInject';

    this._Auth = Auth;
    this._$state = $state;
    this._toastr = toastr;
    this.name = 'signin';
    this.data = { username: '',password: '' };
  }

  signin() {
    console.log("signin with credentials:" + this.data);
    this._Auth.attempAuth('signin',this.data)
      .then((res) => {
        this._toastr.success('Welcome back,' + this.data.username);
        this._$state.go('app.posts');
      });
  }
}

export default SigninController;

In the signin method,when Auth.attempAuth is called successfully,then use angular-toastr to raise a notification and route to app.posts state.

signin.html:

<div class="row">
  <div class="offset-md-3 col-md-6">
    <div class="card">
      <div class="card-header">
        <h1>{{ $ctrl.name }}</h1>
      </div>
      <div class="card-block">
        <form id="form" name="form" class="form" ng-submit="$ctrl.signin()" novalidate>
          <div class="form-group" ng-class="{'has-danger':form.username.$invalid && !form.username.$pristine}">
            <label class="form-control-label" for="username">{{'username'}}</label>
            <input class="form-control" id="username" name="username" ng-model="$ctrl.data.username" required/>
            <div class="form-control-Feedback" ng-messages="form.username.$error" ng-if="form.username.$invalid && !form.username.$pristine">
              <p ng-message="required">Username is required</p>
            </div>
          </div>
          <div class="form-group" ng-class="{'has-danger':form.password.$invalid && !form.password.$pristine}">
            <label class="form-control-label" for="password">{{'password'}}</label>

            <input class="form-control" type="password" name="password" id="password" ng-model="$ctrl.data.password" required/>
            <div class="form-control-Feedback" ng-messages="form.password.$error" ng-if="form.password.$invalid && !form.password.$pristine">
              <p ng-message="required">Password is required</p>
            </div>

          </div>
          <div class="form-group">
            <button type="submit" class="btn btn-success btn-lg" ng-disabled="form.$invalid || form.$pending">  {{'SIGN IN'}}
          </div>
        </form>
      </div>
      <div class="card-footer">
        Not registered,<a href="#" ui-sref="app.signup">{{'signup'}}</a>
      </div>
    </div>
  </div>
</div>

The signin is simple,username and password fields are rquired.

Declare signin as an Angular module.

/components/signin/index.js:

import angular from 'angular';
import uiRouter from 'angular-ui-router';
import commonSevices from '../../common/services/';
import signinComponent from './signin.component';

let signinModule = angular.module('signin',[
  commonSevices,uiRouter
])
  .config(($stateProvider) => {
    "ngInject";
    $stateProvider
      .state('app.signin',{
        url: '/signin',component: 'signin'
      });
  })
  .component('signin',signinComponent)

  .name;

export default signinModule;

Add signinModule as a dependency of ComponentsModule.

//...
import Signin from './signin/';
//...

let componentsModule = angular.module('app.components',[
  //...
  Signin,//...
  ])
.name;

Similarly,create signup component.

signup.controller.js:

class SignupController {
  constructor(Auth,$state) {
    'ngInject';

    this._Auth = Auth;
    this._$state = $state;
    this.name = 'signup';
    this.data = {
      firstName: '',lastName: '',username: '',password: ''
    };
  }

  signup() {
    console.log('sign up with data @' + this.data);
    this._Auth.attempAuth('signup',this.data)
      .then((res) => {
        this._$state.go('app.posts');
      });
  }
}

export default SignupController;

signup.html:

<div class="row">
  <div class="offset-md-3 col-md-6">
    <div class="card">
      <div class="card-header">
        <h1>{{ $ctrl.name }}</h1>
      </div>
      <div class="card-block">
        <form id="form" name="form" class="form" ng-submit="$ctrl.signup()" novalidate>
          <div class="row">
            <div class="col-md-6">
              <div class="form-group" ng-class="{'has-danger':form.firstName.$invalid && !form.firstName.$pristine}">
                <label class="form-control-label" for="firstName">{{'firstName'}}</label>
                <input class="form-control" id="firstName" name="firstName" ng-model="$ctrl.data.firstName" required/>
                <div class="form-control-Feedback" ng-messages="form.firstName.$error" ng-if="form.firstName.$invalid && !form.firstName.$pristine">
                  <p ng-message="required">FirstName is required</p>
                </div>
              </div>
            </div>
            <div class="col-md-6">
              <div class="form-group" ng-class="{'has-danger':form.lastName.$invalid && !form.lastName.$pristine}">
                <label class="form-control-label col-md-12" for="lastName">{{'lastName'}}</label>
                <input class="form-control" id="lastName" name="lastName" ng-model="$ctrl.data.lastName" required/>
                <div class="form-control-Feedback" ng-messages="form.lastName.$error" ng-if="form.lastName.$invalid && !form.lastName.$pristine">
                  <p ng-message="required">LastName is required</p>
                </div>
              </div>
            </div>
          </div>

          <div class="form-group" ng-class="{'has-danger':form.username.$invalid && !form.username.$pristine}">
            <label class="form-control-label" for="username">{{'username'}}</label>
            <input class="form-control" id="username" name="username" ng-model="$ctrl.data.username" required ng-minlength="6" ng-maxlength="20" />
            <div class="form-control-Feedback" ng-messages="form.username.$error" ng-if="form.username.$invalid && !form.username.$pristine">
              <p ng-message="required">Username is required</p>
              <p ng-message="minlength">Username is too short(at least 6 chars)</p>
              <p ng-message="maxlength">Username is too long(at most 20 chars)</p>
            </div>
          </div>
          <div class="form-group" ng-class="{'has-danger':form.password.$invalid && !form.password.$pristine}">
            <label class="form-control-label" for="password">{{'password'}}</label>
            <input class="form-control" type="password" name="password" id="password" ng-model="$ctrl.data.password" required ng-minlength="6" ng-maxlength="20" />
            <div class="form-control-Feedback" ng-messages="form.password.$error" ng-if="form.password.$invalid && !form.password.$pristine">
              <p ng-message="required">Password is required.</p>
              <p ng-message="minlength,maxlength">Password should be consist of 6 to 20 chars.</p>
            </div>
          </div>
          <div class="form-group">
            <button type="submit" class="btn btn-success btn-lg" ng-disabled="form.$invalid || form.$pending">  {{'SIGN UP'}}
          </div>
        </form>
      </div>
      <div class="card-footer">
        Already registered,<a  href="#" ui-sref="app.signin">{{'signin'}}</a>
      </div>
    </div>
  </div>
</div>

It is similar with sginin template file,we add two more fields,FirstName and LastName,and for password and username fields we have add more validation rules.

Declare the signup Angular Module.

import angular from 'angular';
import uiRouter from 'angular-ui-router';
import commonSevices from '../../common/services/';
import signupComponent from './signup.component';

let signupModule = angular.module('signup',uiRouter
])
  .config(($stateProvider) => {
    "ngInject";
    $stateProvider
      .state('app.signup',{
        url: '/signup',component: 'signup',data: {
          requiresAuth: false
        }
      });
  })
  .component('signup',signupComponent)

  .name;

export default signupModule;

Add signup module to componentsModule dependencies.

import Signup from './signup/';
//...

let componentsModule = angular.module('app.components',[
  //...
  Signup,//...
  ])
.name;

Add an intecepter to $httpProvider.

app.config.js

function jwtInterceptor(JWT,$window,$q) {
  'ngInject';

  return {
    // automatically attach Authorization header
    request: function (config) {
      if (/*config.url.indexOf(AppConstants.api) === 0 &&*/ JWT.get()) {
        config.headers.Authorization = 'Bearer ' + JWT.get();
      }
      return config;
    },// Handle 401
    responseError: function (rejection) {
      if (rejection.status === 401) {
        // clear any JWT token being stored
        JWT.destroy();
        // do a hard page refresh
        $window.location.reload();
      }
      return $q.reject(rejection);
    }
  };
}
//...in AppConfig function
  $httpProvider.interceptors.push(jwtInterceptor);

Now,sginin and signup should work.

Next,we will try to protect the pages requires authentication,such as new-post and edit-post.

In the state deFinition,add a requiresAuth property in state data to identify if a state should be authenticated.

Add the following code to app state.

$stateProvider
    .state('app',{
      abstract: true,component: 'app',data: {
        requiresAuth: true
      }
    });

As described before,app is the root component of the component tree. Here we assume all component should be authenticated before route to it. But the data attribute can be inherited and overriden.

Add the following codes to posts,post-details,signin,signup state deFinitions.

data: {
requiresAuth: true
}

It tell these states are not required to be authenticated.

Finally,observes the state change event in AppRun.

//processing auth redirecting
  $transitions.onStart({
    to: (state) => {
      return !!state.data.requiresAuth;
    }
  },function (trans) {
    var $state = trans.router.stateService;
    var _Auth = trans.injector().get('Auth');

    _Auth.ensureAuthIs(true);

  });

Now try to click new-post link in the navbar when you are not authenticated,it will redirect to signin page.

Add signin,signup and logout button/links in navbar.html.

<ul class="nav navbar-nav pull-md-right">
	<li class="nav-item" show-authed="false"><button class="btn btn-outline-success" ng-click="$ctrl.onSignin()">{{'signin'}}</button></li>
	<li class="nav-item" show-authed="false"><a class="nav-link" href="#" ui-sref="app.signup">{{'signup'}}</a></span>
	</li>
	<li class="nav-item" show-authed="true"><button type="button" class="btn btn-outline-danger" ng-click="$ctrl.onlogout()">{{'logout'}}</button></span>
	</li>

  </ul>

Unlike signup action,it is a simple link,signin and logout call controller methods: onSignin and onlogout.

class NavbarController {
  constructor($scope) {
    'ngInject';
	
    this._$scope = $scope;
    this.name = 'navbar';
  }

  $onInit() {
    console.log("initializing NavbarController...");
  }

  $onDestroy() {
    console.log("destroying NavbarController...");
  }
  onSignin() {
    console.log("on signin...");
    this._$scope.$emit("event:signinRequest");
  }

  onlogout() {
    console.log("on logout...");
    this._$scope.$emit("event:logoutRequest");
  }
}

export default NavbarController;

In these methods,we also do not use $state to route the target state. We use Angular event publisher/subcribers to archive the purpose.

If you are writing the legacy Angular application,you Could kNow well about the $scope.

In Angular $scopes are treeable,there is a $rootScope of an application,and all $scopes are inherited from it. Every $scope has a $parent property to access its parent scope,except $rootScope.

$scope has two methods to fire an event.

  • $scope.emit will fire an event up the scope.
  • $scope.broadcast will fire an event down scope.

$scope.on will observes events.

We use emit in our case,and we can use $rootScope to observe these events in AppRun.

$rootScope.$on("event:signinRequest",function (event,data) {
    console.log("receviced:signinRequest");
    $state.go('app.signin');
  });

  $rootScope.$on("event:logoutRequest",data) {
    console.log("receviced:logoutRequest");
    Auth.logout();
    $state.go('app.signin');
  });

In the navbar component,show-authed directive determines if show or hide button/links according to the authentication info.

Have a look at the show-authed.directive.js under common/diretives/ folder.

function ShowAuthed(Auth) {
  'ngInject';

  return {
    restrict: 'A',link: function(scope,element,attrs) {
      scope.Auth = Auth;

      scope.$watch('Auth.current',function(val) {
          // If user detected
          if (val) {
            if (attrs.showAuthed === 'true') {
              element.css({ display: 'inherit'})
            } else {
              element.css({ display: 'none'})
            }

          // no user detected
          } else {
            if (attrs.showAuthed === 'true') {
              element.css({ display: 'none'})
            } else {
              element.css({ display: 'inherit'})
            }
          }
      });

    }
  };
}

export default ShowAuthed;

Also do not forget to register it in the directivesModule,and set directivesModule as a dependency of common module.

common/diretives/index.js:

import angular from 'angular';
import ShowAuthed from './show-authed.directive';

let directivesModule = angular.module('app.common.directives',[])

.directive('showAuthed',ShowAuthed)

.name;

export default directivesModule;

common/index.js:

//...
import commonDirectivesModule from './directives';

let commonModule = angular.module('app.common',[
 //...
  commonDirectivesModule
])

//...

In this sample,only includes a simple authentication,if you need more complex and fine-grained control of authorization,read this stackoverflow discussion for more details.

Check the sample codes.

Getting Started with AngularJS 1.5 and ES6: part4的更多相关文章

  1. HTML5新增form控件和表单属性实例代码详解

    这篇文章主要介绍了HTML5新增form控件和表单属性实例代码详解,需要的朋友可以参考下

  2. HTML5表单验证特性(知识点小结)

    这篇文章主要介绍了HTML5表单验证特性的一些知识点,本文通过实例代码截图的形式给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下

  3. amazeui页面分析之登录页面的示例代码

    这篇文章主要介绍了amazeui页面分析之登录页面的示例代码,本文通过实例代码给大家介绍的非常详细,对大家的学习或工作具有一定的参考借鉴价值,需要的朋友可以参考下

  4. ios – Swift Eureka Form中的循环

    我正在构建一个Eureka表单,并希望在表单中放置一个循环来构建基于数组的步进器列表.我试图使用的代码是:但是,当我这样做时,我在StepperRow行上出现了一个错误:所以看起来Swift不再认为它在形式之内并且正在关注

  5. Swift 2.x Plus -- Guard

    如果要判断的条件很多,那么在使用if-let这个模式的时候就会遇到一个很麻烦的问题,那就是很深的嵌套,比如这样:在很久以前是这样的,但是如果再用这个例子来说明if-let总是嵌套很多就不合适了。因为现在你可以这样:if-let只是要表达:符合条件的都进来开始下一步的操作。另外需要提到的是在流程控制语句中的do-while现在变成了repeat-while。

  6. swift 上传图片和参数 upload image with params

    Alamofire.upload(urlRequest.0,urlRequest.1).progress{(bytesWritten,totalBytesWritten,totalBytesExpectedToWrite)inprintln("\(totalBytesWritten)/\(totalBytesExpectedToWrite)")}}

  7. swift3新路程9结构体和类

    Usestructtocreateastructure.Structuressupportmanyofthesamebehaviorsasclasses,includingmethodsandinitializers.Oneofthemostimportantdifferencesbetweenstructuresandclassesisthatstructuresarealwayscopiedw

  8. swift – 使用PostgreSQL在Vapor 3中上传图片

    我正在关注这些家伙MartinLasek教程,现在我正在“图片上传”.似乎没有人能回答“如何上传iVapor3图像”的问题Db连接正常,所有其他值都保存.这是我的创建方法:和型号:}和叶子模板:我知道需要一种管理文件的方法和原始图像字节,但我怎么去那里?这使用多部分表单的自动解码:upload.leaf文件是:使用File类型可以访问上载文件的本地文件名以及文件数据.如果将其余的Question字段添加到ExampleUpload结构中,则可以使用该路径捕获整个表单的字段.

  9. Android Studio是否支持用于Android UI设计的AngularJS?

    我对AndroidStudio有疑问:AS在设计XML文件时是否支持AngularJS代码,例如:对于小动画或效果?

  10. android – 如何使用ClientID和ClientSecret在Phonegap中使用Angularjs登录Google OAuth2

    我正尝试使用Angularjs(使用IonicFramework)通过GoogleOAuth2从我的Phonegap应用程序登录.目前我正在使用http://phonegap-tips.com/articles/google-api-oauth-with-phonegaps-inappbrowser.html进行登录.但是当我使用Angular-UI-RouterforIonic时,它正在创建非常

随机推荐

  1. Angular2 innerHtml删除样式

    我正在使用innerHtml并在我的cms中设置html,响应似乎没问题,如果我这样打印:{{poi.content}}它给了我正确的内容:``但是当我使用[innerHtml]=“poi.content”时,它会给我这个html:当我使用[innerHtml]时,有谁知道为什么它会剥离我的样式Angular2清理动态添加的HTML,样式,……

  2. 为Angular根组件/模块指定@Input()参数

    我有3个根组件,由根AppModule引导.你如何为其中一个组件指定@input()参数?也不由AppModalComponent获取:它是未定义的.据我所知,你不能将@input()传递给bootstraped组件.但您可以使用其他方法来做到这一点–将值作为属性传递.index.html:app.component.ts:

  3. angular-ui-bootstrap – 如何为angular ui-bootstrap tabs指令指定href参数

    我正在使用角度ui-bootstrap库,但我不知道如何为每个选项卡指定自定义href.在角度ui-bootstrap文档中,指定了一个可选参数select(),但我不知道如何使用它来自定义每个选项卡的链接另一种重新定义问题的方法是如何使用带有角度ui-bootstrap选项卡的路由我希望现在还不算太晚,但我今天遇到了同样的问题.你可以通过以下方式实现:1)在控制器中定义选项卡href:2)声明一个函数来改变控制器中的散列:3)使用以下标记:我不确定这是否是最好的方法,我很乐意听取别人的意见.

  4. 离子框架 – 标签内部的ng-click不起作用

    >为什么标签标签内的按钮不起作用?>但是标签外的按钮(登陆)工作正常,为什么?>请帮我解决这个问题.我需要在点击时做出回复按钮workingdemo解决方案就是不要为物品使用标签.而只是使用divHTML

  5. Angular 2:将值传递给路由数据解析

    我正在尝试编写一个DataResolver服务,允许Angular2路由器在初始化组件之前预加载数据.解析器需要调用不同的API端点来获取适合于正在加载的路由的数据.我正在构建一个通用解析器,而不是为我的许多组件中的每个组件设置一个解析器.因此,我想在路由定义中传递指向正确端点的自定义输入.例如,考虑以下路线:app.routes.ts在第一个实例中,解析器需要调用/path/to/resourc

  6. angularjs – 解释ngModel管道,解析器,格式化程序,viewChangeListeners和$watchers的顺序

    换句话说:如果在模型更新之前触发了“ng-change”,我可以理解,但是我很难理解在更新模型之后以及在完成填充更改之前触发函数绑定属性.如果您读到这里:祝贺并感谢您的耐心等待!

  7. 角度5模板形式检测形式有效性状态的变化

    为了拥有一个可以监听其包含的表单的有效性状态的变化的组件并执行某些组件的方法,是reactiveforms的方法吗?

  8. Angular 2 CSV文件下载

    我在springboot应用程序中有我的后端,从那里我返回一个.csv文件WheniamhittingtheURLinbrowsercsvfileisgettingdownloaded.现在我试图从我的角度2应用程序中点击此URL,代码是这样的:零件:服务:我正在下载文件,但它像ActuallyitshouldbeBook.csv请指导我缺少的东西.有一种解决方法,但您需要创建一个页面上的元

  9. angularjs – Angular UI-Grid:过滤后如何获取总项数

    提前致谢:)你应该避免使用jQuery并与API进行交互.首先需要在网格创建事件中保存对API的引用.您应该已经知道总行数.您可以使用以下命令获取可见/已过滤行数:要么您可以使用以下命令获取所选行的数量:

  10. angularjs – 迁移gulp进程以包含typescript

    或者我应该使用tsc作为我的主要构建工具,让它解决依赖关系,创建映射文件并制作捆绑包?

返回
顶部