ragingprodigy/AppAuth.coffee

## AppAuth.coffee
app = angular.module 'AppAuth', []

app.factory 'AuthService', ['$http', 'Session', 'AuthToken', ($http, Session, AuthToken) ->
  {
    login: (username, password) ->
      $http.post('api/v1/users/login/', {
        username: username
        password: password
      }).then (response) ->
        AuthToken.set(response.data.records.privateKey) if response.data._meta.status == 'SUCCESS'
        Session.set "currentUser", JSON.stringify response.data.records.user
        response.data.records.user

    isGuest: ->
      AuthToken.get() is null

    currentUser: ->
      JSON.parse(Session.get "currentUser")

    logout: ->
      Session.clear "currentUser"
      AuthToken.clear()
  }
]

app.factory 'AuthToken', ['$window', ($window) ->
  authStorage = {
    get: ->
      $window.localStorage.getItem("sc_api_key")

    set: (value) ->
      $window.localStorage.setItem("sc_api_key", value)

    clear: ->
      $window.localStorage.removeItem("sc_api_key")
  }
  authStorage
]

app.factory 'Session', ['$window', ($window) ->
  sStorage = {
    get: (key) ->
      $window.sessionStorage.getItem "__#{key}"

    set: (key, value) ->
      $window.sessionStorage.setItem "__#{key}", value

    clear: (key) ->
      $window.sessionStorage.removeItem "__#{key}"
  }
  sStorage
]

app.config ['$routeProvider', ($routeProvider) ->
  $httpProvider.interceptors.push("AuthInterceptor")

  $routeProvider.when '/', {
    templateUrl: 'partials/home.html'
    access: 'guest'
  }
  .when '/dashboard', {
    templateUrl: 'partials/dash.html'
    controller: 'DashCtrl'
    access: 'authorized'
  }
  .otherwise({ redirectTo: '/' });
]

app.run ['$rootScope', 'AuthService', ($rootScope, AuthService)->

  $rootScope.$on '$routeChangeStart', (event, next, current) ->
    if AuthService.isGuest() and next.access is "authorized"
      $rootScope.$broadcast "not-authenticated"

  $rootScope.$on "not-authenticated", ->
    # Perform an action here, either redirect to login route or show a
    # login modal

]

app.factory "AuthInterceptor", ['$q', '$injector', 'uiBlock', ($q, $injector, uiBlock) ->
  {
    #This will be called on every outgoing http request
    request: (config)->

      AuthToken = $injector.get("AuthToken")
      token = AuthToken.get()
      config.headers = config?.headers || {}
      if token? and config.url.match(new RegExp('api/v1/')) then config.headers.CUSTOM_HTTP_HEADER = token

      config || $q.when(config)

    # This will be called on every incoming response that has en error status code
    responseError: (response) ->

      matchesAuthenticatePath = response.config && response.config.url.match(new RegExp('api/v1/users/login/'))
      if not matchesAuthenticatePath
        $injector.get('$rootScope').$broadcast({
          401: "not-authenticated",
        }[response.status], response)

      $q.reject(response)
  }
]
	app = angular.module 'AppAuth', []

	app.factory 'AuthService', ['$http', 'Session', 'AuthToken', ($http, Session, AuthToken) ->
	{
	login: (username, password) ->
	$http.post('api/v1/users/login/', {
	username: username
	password: password
	}).then (response) ->
	AuthToken.set(response.data.records.privateKey) if response.data._meta.status == 'SUCCESS'
	Session.set "currentUser", JSON.stringify response.data.records.user
	response.data.records.user

	isGuest: ->
	AuthToken.get() is null

	currentUser: ->
	JSON.parse(Session.get "currentUser")

	logout: ->
	Session.clear "currentUser"
	AuthToken.clear()
	}
	]

	app.factory 'AuthToken', ['$window', ($window) ->
	authStorage = {
	get: ->
	$window.localStorage.getItem("sc_api_key")

	set: (value) ->
	$window.localStorage.setItem("sc_api_key", value)

	clear: ->
	$window.localStorage.removeItem("sc_api_key")
	}
	authStorage
	]

	app.factory 'Session', ['$window', ($window) ->
	sStorage = {
	get: (key) ->
	$window.sessionStorage.getItem "__#{key}"

	set: (key, value) ->
	$window.sessionStorage.setItem "__#{key}", value

	clear: (key) ->
	$window.sessionStorage.removeItem "__#{key}"
	}
	sStorage
	]

	app.config ['$routeProvider', ($routeProvider) ->
	$httpProvider.interceptors.push("AuthInterceptor")

	$routeProvider.when '/', {
	templateUrl: 'partials/home.html'
	access: 'guest'
	}
	.when '/dashboard', {
	templateUrl: 'partials/dash.html'
	controller: 'DashCtrl'
	access: 'authorized'
	}
	.otherwise({ redirectTo: '/' });
	]

	app.run ['$rootScope', 'AuthService', ($rootScope, AuthService)->

	$rootScope.$on '$routeChangeStart', (event, next, current) ->
	if AuthService.isGuest() and next.access is "authorized"
	$rootScope.$broadcast "not-authenticated"

	$rootScope.$on "not-authenticated", ->
	# Perform an action here, either redirect to login route or show a
	# login modal

	]

	app.factory "AuthInterceptor", ['$q', '$injector', 'uiBlock', ($q, $injector, uiBlock) ->
	{
	#This will be called on every outgoing http request
	request: (config)->

	AuthToken = $injector.get("AuthToken")
	token = AuthToken.get()
	config.headers = config?.headers \|\| {}
	if token? and config.url.match(new RegExp('api/v1/')) then config.headers.CUSTOM_HTTP_HEADER = token

	config \|\| $q.when(config)

	# This will be called on every incoming response that has en error status code
	responseError: (response) ->

	matchesAuthenticatePath = response.config && response.config.url.match(new RegExp('api/v1/users/login/'))
	if not matchesAuthenticatePath
	$injector.get('$rootScope').$broadcast({
	401: "not-authenticated",
	}[response.status], response)

	$q.reject(response)
	}
	]