angularjs - JWT Exists Check -- Where To Do It? -

-

i have login service handling initial jwt creation , getting user data fine out of payload.

the problem having place code check make sure jwt exists , valid on every page change? have auth service function called isauthed , want check make sure not false.

my initial idea put code in app.run, not having luck it.

if (authsvc.gettoken() === undefined || !authsvc.isauthed(authsvc.gettoken())) {     $window.location.href = "http://localhost:3000/#/login"; else {     // continue run rest of .run function. }

the first check in conditional above calls function pulls jwt local storage. so, want make sure not undefined. next check see if token valid. if either of conditions fail, route user login page.

what trying ensure if hits localhost:3000/#/app/dashboard getting kicked login page.

should handling via resolve parameter in route instead have parent app put resolve in , should check authentication childs?

i have seen many different ways checking authentication jwt need clear cut answer on best practice here.

authservice.js

function authservice($window) {     var self = this;      self.parsejwt = function(token) {         var base64url = token.split('.')[1];         var base64 = base64url.replace('-', '+').replace('_', '/');         return json.parse($window.atob(base64));     }      self.savetoken = function(token) {         $window.localstorage['jwttoken'] = token;     }      self.gettoken = function() {         return $window.localstorage['jwttoken'];     }      self.isauthed = function() {         var token = self.gettoken();         if(token) {             var params = self.parsejwt(token);             return math.round(new date().gettime() / 1000) <= params.exp;         } else {             return false;         }     }      self.logout = function() {         $window.localstorage.removeitem('jwttoken');     } }  app.service('authsvc', authservice);

config.js (routes part)

// // app routes // ----------------------------------- $stateprovider      .state('login', {         url: '/login',         templateurl: basepath('login.html')     })      .state('register', {         url: '/register',         templateurl: basepath('register.html')     })      .state('recover', {         url: '/recover-password',         templateurl: basepath('recover.html')     })      .state('app', {         url: '/app',         abstract: true,         templateurl: basepath('app.html'),         controller: 'appcontroller'     })      .state('app.users', {         url: '/users',         templateurl: basepath('users.html'),         controller: 'usercontroller',         title: 'users'     })      .state('app.projects', {         url: '/projects',         templateurl: basepath('projects.html'),         controller: 'projectcontroller',         title: 'projects'     })      .state('app.dashboard', {         url: '/dashboard',         templateurl: basepath('dashboard.html'),         title: 'dashboard'     });

authintercepterfactory.js

function authinterceptorfactory(api, authsvc) {     return {         // automatically attach authorization header         request: function(config) {             var token = authsvc.gettoken();             if(config.url.indexof(api) === 0 && token) {                 config.headers.authorization = 'bearer ' + token;             }              return config;         },          // if token sent back, save         response: function(res) {             if(res.config.url.indexof(api) === 0 && res.data.token) {                 authsvc.savetoken(res.data.token);             }              return res;         },          responseerror: function(res) {             if(res.status === 401 || res.status == 403) {                 $window.location.href = "http://localhost:3000/#/login";             }         }     } }  app.service('authinterceptor', authinterceptorfactory);

please let me know if need additional code other files.

thanks.

you should build interceptor , check there, @ same place should check 401 , 402 errors

more interceptors here:

https://code.angularjs.org/1.3.3/docs/api/ng/service/$http

they "intercept" http traffic providing success , error functions allows inspect , transform calls made(request interceptors), , check responses (response interceptors)


Comments

Post a Comment

Popular posts from this blog

Java 3D LWJGL collision -

-
i making 3d java game lwjgl library, , wondering how add collision detection, player not go through models. i using obj models. here objloader class, loads models: package renderengine; import java.io.bufferedreader; import java.io.file; import java.io.filenotfoundexception; import java.io.filereader; import java.util.arraylist; import java.util.list; import models.rawmodel; import org.lwjgl.util.vector.vector2f; import org.lwjgl.util.vector.vector3f; public class objloader { public static rawmodel loadobjmodel(string filename, loader loader){ filereader fr = null; try { fr = new filereader(new file("res/"+filename+".obj")); } catch (filenotfoundexception e) { system.err.println("couldn't load file!"); e.printstacktrace(); } bufferedreader reader = new bufferedreader(fr); string line; list<vector3f> vertices = new arraylist<vector3f...
Read more

spring - SubProtocolWebSocketHandler - No handlers -

-
i have ugly error during deploying spring app on jboss. 18:11:16,025 error [org.apache.catalina.core.containerbase.[jboss.web].[default-host].[/consumer]] (msc service thread 1-7) exception sending context initialized event listener instance of class org.springframework.web.context.contextloaderlistener: org.springframework.context.applicationcontextexception: failed start bean 'subprotocolwebsockethandler'; nested exception java.lang.illegalargumentexception: no handlers @ org.springframework.context.support.defaultlifecycleprocessor.dostart(defaultlifecycleprocessor.java:176) [spring-context-4.1.3.release.jar:4.1.3.release] @ org.springframework.context.support.defaultlifecycleprocessor.access$200(defaultlifecycleprocessor.java:51) [spring-context-4.1.3.release.jar:4.1.3.release] @ org.springframework.context.support.defaultlifecycleprocessor$lifecyclegroup.start(defaultlifecycleprocessor.java:346) [spring-context-4.1.3.release.jar:4.1.3.release] @ org.s...
Read more

methods - python can't use function in submodule -

-
my folder structure this: pythonstuff/ program.py modulea/ __init__.py foo.py bar.py here's code bar.py : def hello(): print("hello, world!") here's code program.py : #!/usr/bin/env python3 modulea import bar bar.hello() i run $ python3 program.py somehow error: file "program.py", line 3, in <module> bar.hello() attributeerror: 'module' object has no attribute 'hello' edit: __init__.py file empty. edit2: after trying realized had bar.py in root directory contained hello() method. bar.py in modulea/ directory empty. add it import os __all__ = [] module in os.listdir(os.path.dirname(__file__)): if module != '__init__.py' , module[-3:] == '.py': __all__.append(module[:-3]) the init .py files required make python treat directories containing packages; done prevent directories common name, such string, unintentionally hiding v...
Read more