Only grant access to Angular view if user possesses the necessary cookie

Question

Only grant access to Angular view if user possesses the necessary cookie

How can I restrict access to a view in angular ui-router only if a cookie is active with the user's email address?

I am currently setting the cookie in a post request where I assign the cookie value to the user's email address.

Now, I want to ensure that users can only access a specific view if they have a cookie containing their username. How should I implement this restriction?

Here is how I set the cookie:

 FirstModule.controller('LoginController', function ($scope, $http, $cookies, $location) {
    $scope.sometext = {};

    $scope.LoginForm = function () {
        var data = {
            LoginEmail: $scope.sometext.LoginEmail
        };

        $http({
            url: 'http://localhost:8080/back-end/controller',
            method: "POST",
            data: data,
            headers: {'Content-Type': 'application/json'}

        }).then(function (response) {

            if (response.status === 200)
            //     $scope.sometext = "You are a valid member, please proceed to Mock Up Maker";
            $cookies.put('UserName', $scope.sometext.LoginEmail);
            $location.path('/download');
            // console.log($cookies);
        }).catch(function (response) {
            if (response.status === 400)
                $scope.sometext = "Hmm, it seems you are not registered, try again or register";
            else if (response.status === 404)
                $scope.sometext = "this is non a valid email address, please check email";
            else if (response.status === 500)
                $scope.sometext = "No API connection. Server side fail ";

            else $scope.sometext = "Server connection error, give it a second to establish connection then try again";
        });
    }
});

Setting up the router:

FirstModule.config(function ($stateProvider, $urlRouterProvider) {

    $stateProvider

    // route to show our basic form (/form)
        .state('form', {
            url: '/form',
            templateUrl: 'views/form.html',
            controller: 'formController'
        })

        // nested states
        // each of these sections will have their own view
        // url will be nested (/form/signup)
        .state('form.signup', {
            url: '/signup',
            templateUrl: 'views/form-signup.html'
        })

        // url will be /form/select
        .state('form.select', {
            url: '/select',
            templateUrl: 'views/form-select.html'
        })

        // url will be /form/type
        .state('form.type', {
            url: '/type',
            templateUrl: 'views/form-type.html'
        })


    // catch all route
    // send users to the form page
    $urlRouterProvider.otherwise('/form/signup');
});

javascript angularjs cookies angular-ui-router

Answer 1

Answer №1

To implement redirection based on a condition in your Angular application using ui-router, you can utilize the resolve property. Simply include the resolve field in your state definition and specify the condition that should be met. If the condition is not satisfied, you can redirect the user to a different state, such as the login state.

state('user', {
  url: '/',
  templateUrl: 'UserView.html',
  controller: 'UserViewController',
  resolve: {
    check: function($q, $cookies) {
      if ($cookies.get('UserName')){ //cookie to check
        return $q.resolve({});
      } else{
        return $q.reject({redirectState: 'loginState'}); 
      }
    }
  }
});

Add an error handler to capture any errors that occur during state transitions.

$rootScope.$on('$stateChangeError', function(evt, to, toParams, from, fromParams, error) {
  if (error.redirectState) {
    $state.go(error.redirectState);
  } 
})

Answer 2

To implement redirection based on a condition in your Angular application using ui-router, you can utilize the resolve property. Simply include the resolve field in your state definition and specify the condition that should be met. If the condition is not satisfied, you can redirect the user to a different state, such as the login state.

state('user', {
  url: '/',
  templateUrl: 'UserView.html',
  controller: 'UserViewController',
  resolve: {
    check: function($q, $cookies) {
      if ($cookies.get('UserName')){ //cookie to check
        return $q.resolve({});
      } else{
        return $q.reject({redirectState: 'loginState'}); 
      }
    }
  }
});

Add an error handler to capture any errors that occur during state transitions.

$rootScope.$on('$stateChangeError', function(evt, to, toParams, from, fromParams, error) {
  if (error.redirectState) {
    $state.go(error.redirectState);
  } 
})

Answer 3

Answer №2

Karim provided a solid answer that should be effective. However, it may be more beneficial to consider this as an intermediate step in the process.

An ideal solution would involve offering users a way to access the URL only if they have the necessary cookie set. This could mean deactivating the link or concealing it entirely. In my opinion, this is a more optimal approach.

To ensure the security and reliability of my application, I would prefer to implement both options. By disabling or removing the link/button, users will be unable to access the URL altogether. Additionally, using Router-Resolve can protect against savvy users who might attempt to access the link through alternative means. :)

Answer 4

Karim provided a solid answer that should be effective. However, it may be more beneficial to consider this as an intermediate step in the process.

An ideal solution would involve offering users a way to access the URL only if they have the necessary cookie set. This could mean deactivating the link or concealing it entirely. In my opinion, this is a more optimal approach.

To ensure the security and reliability of my application, I would prefer to implement both options. By disabling or removing the link/button, users will be unable to access the URL altogether. Additionally, using Router-Resolve can protect against savvy users who might attempt to access the link through alternative means. :)

Only grant access to Angular view if user possesses the necessary cookie

Answer №1

Answer №2

Similar questions

Issue a cautionary alert to the user before finalizing an API project in Node.js

Can you explain the purpose of using double colons before an expression variable in AngularJS?

Resolving the CORS preflight issue with Loopback API in Redux

.Internet Explorer text update problem

Guide to setting the first tab as the default tab using Thymeleaf, Css, and Bootstrap

Using a JavaScript file within a webpage that has already been loaded

Is the `ng-model` for the AngularStrap `bs-typeahead` component not accessible in the current scope?

Should you approach TypeScript modules or classes with a focus on unit testing?

Experience screen sharing through WEBRTC without the need for any additional browser extensions

What is the reasoning behind an empty input value being considered as true?

Tips for extracting specific values from JavaScript using jQuery in ASP to be utilized in the C# code behind section

Tips to store Google fonts in the assets directory

The window.onload event is failing to trigger on mobile devices, although it is functioning properly on desktop. (using react js

Executing jQuery when the DOM is loaded in Angularjs

Understanding the request URL in Ajax when receiving a response

Encountering difficulties in creating an app with Apache Cordova

When using ng-repeat with Angular ui-bootstrap and tabs, the new tab will not be selected if there are no existing tabs present

The breeze is puzzled by the altered being, unable to identify it

I'm just starting out with jQuery and JSON and could use some assistance with formatting the string, specifically so I can properly iterate through it

Issue with new Cookie not functioning properly when using Response.Redirect