AngularJS Module to help in Web Application authentication
# Declare the AppAuth module with no module dependencies of its own.
# NOTE(review): the config block below injects $routeProvider, so ngRoute
# presumably has to be pulled in by whichever module composes this one - confirm.
app = angular.module('AppAuth', [])
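# AuthService: login/logout plus "who is signed in" helpers, backed by the
# AuthToken and Session storage services.
#
# Everything kept here is client-side state that the user, or any script running
# on the page, can read and edit. Use it to drive the UI only; the API still has
# to authenticate and authorize every request on its own.
app.factory 'AuthService', ['$http', 'Session', 'AuthToken', ($http, Session, AuthToken) ->
  {
    # POSTs the credentials to the login endpoint and resolves with the user
    # record from the response (undefined when the response carries none).
    # The API key and the cached user are persisted only when the API reports
    # SUCCESS; previously the user was written to the session unconditionally,
    # which could leave the string "undefined" behind after a failed login and
    # make currentUser() throw.
    # The password travels in the request body, so the API must be served over TLS.
    login: (username, password) ->
      $http.post('api/v1/users/login/', {
        username: username
        password: password
      }).then (response) ->
        records = response.data.records
        if response.data._meta.status == 'SUCCESS'
          AuthToken.set(records.privateKey)
          Session.set "currentUser", JSON.stringify records.user
        records?.user

    # True when no API key is stored. This reflects local storage only and is
    # not proof that the server still accepts the key.
    isGuest: ->
      AuthToken.get() is null

    # Returns the cached user object, or null when nothing is cached or the
    # cached value is not valid JSON (sessionStorage content is editable by the
    # user, so it is parsed defensively).
    currentUser: ->
      try
        JSON.parse(Session.get "currentUser")
      catch err
        null

    # Drops the cached user and the stored API key.
    logout: ->
      Session.clear "currentUser"
      AuthToken.clear()
  }
]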
# AuthToken: get/set/clear for the API key, stored in localStorage under the
# "sc_api_key" entry.
#
# NOTE(review): localStorage is readable by every script on the origin and
# persists after the tab is closed, so an XSS flaw anywhere on the site exposes
# the key. Prefer a short-lived key, or an HttpOnly cookie issued by the server,
# if the API allows it.
app.factory 'AuthToken', ['$window', ($window) ->
  STORAGE_KEY = "sc_api_key"

  {
    # Stored key, or null when none has been saved.
    get: ->
      $window.localStorage.getItem(STORAGE_KEY)

    # Saves `value` as the key; localStorage stringifies whatever it is given.
    set: (value) ->
      $window.localStorage.setItem(STORAGE_KEY, value)

    # Removes the stored key.
    clear: ->
      $window.localStorage.removeItem(STORAGE_KEY)
  }
]
# Session: per-tab key/value store on top of sessionStorage. Every key is
# prefixed with "__" before it reaches the browser store.
# Values are strings and can be edited by the user, so callers should treat
# what they read back as untrusted input.
app.factory 'Session', ['$window', ($window) ->
  # Maps a caller-facing key to the name actually used in sessionStorage.
  slot = (key) -> "__#{key}"

  {
    # Stored string for `key`, or null when absent.
    get: (key) ->
      $window.sessionStorage.getItem(slot(key))

    # Stores `value` under `key`.
    set: (key, value) ->
      $window.sessionStorage.setItem(slot(key), value)

    # Removes the entry for `key`.
    clear: (key) ->
      $window.sessionStorage.removeItem(slot(key))
  }
]
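# Module configuration: registers the auth HTTP interceptor and declares the
# routes.
#
# $httpProvider is now injected; the original block used it without listing it
# in the dependency array, so the interceptor registration threw a
# ReferenceError during configuration.
#
# `access` is a custom route property, read by the $routeChangeStart handler in
# app.run. It only controls what the client shows: templates and API data must
# still be protected by the server.
app.config ['$routeProvider', '$httpProvider', ($routeProvider, $httpProvider) ->
  $httpProvider.interceptors.push("AuthInterceptor")

  $routeProvider
    .when('/', {
      templateUrl: 'partials/home.html'
      access: 'guest'
    })
    .when('/dashboard', {
      templateUrl: 'partials/dash.html'
      controller: 'DashCtrl'
      access: 'authorized'
    })
    .otherwise({ redirectTo: '/' })
]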
# Run block: wires the client-side route guard.
#
# On every route change, a guest (no stored API key) heading to a route marked
# access: "authorized" triggers a "not-authenticated" broadcast. The handler
# only broadcasts; it does not call event.preventDefault(), so the navigation
# itself continues unless a "not-authenticated" listener intervenes.
# This check is a UI convenience, not an access control: the server has to
# reject unauthenticated API calls regardless.
app.run ['$rootScope', 'AuthService', ($rootScope, AuthService) ->
  $rootScope.$on '$routeChangeStart', (event, next, current) ->
    $rootScope.$broadcast "not-authenticated" if AuthService.isGuest() and next.access is "authorized"

  $rootScope.$on "not-authenticated", ->
    # Perform an action here, either redirect to the login route or show a
    # login modal.
]
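# AuthInterceptor: attaches the stored API key to outgoing API requests and
# turns 401 responses into a "not-authenticated" broadcast.
#
# AuthToken and $rootScope are looked up through $injector at call time rather
# than injected directly (presumably to avoid a circular dependency - confirm).
# NOTE(review): 'uiBlock' is injected but never used in this block and is not
# defined in the visible file; it has to be registered elsewhere or the injector
# cannot build this factory.
app.factory "AuthInterceptor", ['$q', '$injector', 'uiBlock', ($q, $injector, uiBlock) ->
  # Compiled once instead of on every request/response.
  API_PATH = /api\/v1\//
  LOGIN_PATH = /api\/v1\/users\/login\//

  # HTTP status -> event broadcast on $rootScope.
  EVENT_FOR_STATUS =
    401: "not-authenticated"

  {
    # Called for every outgoing $http request. Adds the API key header when a
    # key is stored and the URL contains "api/v1/".
    # NOTE(review): the match is unanchored, so a request to any host whose URL
    # contains "api/v1/" also receives the key. Restrict it to the API's own
    # base URL or origin before pointing $http at third-party endpoints.
    # NOTE(review): CUSTOM_HTTP_HEADER looks like a placeholder name; some
    # servers and proxies drop header names containing underscores - confirm.
    request: (config) ->
      token = $injector.get("AuthToken").get()
      config.headers = config?.headers || {}
      if token? and config.url.match(API_PATH) then config.headers.CUSTOM_HTTP_HEADER = token
      config

    # Called for every response with an error status. Broadcasts the event
    # mapped to the status code, except for failures of the login call itself,
    # then propagates the rejection. Statuses without a mapping are no longer
    # broadcast; the original called $broadcast with an undefined event name
    # for every non-401 error.
    responseError: (response) ->
      isLoginCall = response.config && response.config.url.match(LOGIN_PATH)
      eventName = EVENT_FOR_STATUS[response.status]
      if eventName? and not isLoginCall
        $injector.get('$rootScope').$broadcast(eventName, response)
      $q.reject(response)
  }
]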