Objective:
To restrict access to the profile page only for logged-in users. The authentication is done through mongodb and passport-local.
Existing Code:
Below is the express route used to verify if the request is authenticated.
app.get('/loggedin', function(req, res) {
res.send(req.isAuthenticated() ? req.user : '0');
});
A service named AuthService calls this route via $http and returns the result.
this.isLoggedIn = function(){
var promise = $http.get('/loggedin');
promise.then(function(user){
if(user === 0 || user === '0'){
//Not a valid request
console.log('Not a valid request');
return false;
} else {
//Valid request.
return user;
}
});
return promise;
};
Error handling code that should throw an error when the resolve promise returns false.
.config(['$routeProvider', function($routeProvider) {
$routeProvider.when('/profile', {
templateUrl: 'views/profile.html',
controller: 'profileCtrl',
resolve: {
loggedIn: ['AuthService', function(AuthService){
return AuthService.isLoggedIn();
}]
}
});
}])
Error handling code to log the routing error.
.run(['$rootScope','$location', function($rootScope,$location){
//Error thrown by a resolve dependency. Handle the error here.
$rootScope.$on('$routeChangeError', function(event, curRoute, prevRoute, error){
console.log("Routing error");
});
}])
Problem:
The issue is that the Routing error message is not being displayed in the console (as mentioned above). While the service successfully logs Not a valid request, it's unclear why it's not triggering a $routeChangeError. Once this logging issue is resolved, further implementation of the resolve logic will allow secure access control to various pages as intended.