Angularjs 登录认证:防止用户导航到除登录页面和注册页面之外的其他页面
Angularjs Login Authentication: Prevent user navigate to other page except login page and registration page
我正在为我的前端使用 AngularJS 框架开发 Web 应用程序。对于我的登录页面,我必须防止用户浏览到除登录页面和注册之外的其他页面。但是我现在所做的代码也阻止用户导航到注册页面。以下是我的代码。如何解决这个问题,让用户只有在没有登录的情况下才能浏览到登录页面和注册页面。
.run(function ($rootScope, $state, AuthService, AUTH_EVENTS) {
$rootScope.$on('$stateChangeStart', function (event,next, nextParams, fromState) {
if ('data' in next && 'authorizedRoles' in next.data) {
var authorizedRoles = next.data.authorizedRoles;
if (!AuthService.isAuthorized(authorizedRoles)) {
event.preventDefault();
$state.go($state.current, {}, {reload: true});
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
}
}
if (!AuthService.isAuthenticated()) {
if (next.name !== 'login') {
event.preventDefault();
$state.go('login');
}
}
});
您可以通过在 .state 的数据 属性 中添加一个布尔参数来实现这一点,比如说 requiresAuth 并在 .[=29= 中也检查一下]块;
下面是
的伪代码
在 .config 块
$stateProvider
.state("register", {
url: '/register',
templateUrl: 'register.html',
controller:'UserController',
controllerAs: 'vm',
data: {
requiresAuth: false,
pageTitle: 'Register'
}
})
.state("dashboard", {
url: '/dashboard',
templateUrl: 'dashboard.html',
controller:'OtherController',
controllerAs: 'vm',
data: {
requiresAuth: true,
pageTitle: 'Dashboard',
authorizedRoles: ['WHATEVER_ROLE']
}
});
并在 .运行 区块
var stateChangeStart = $rootScope.$on('$stateChangeStart', function(event, toState, toParams) {
if (AuthService.isAuthenticated()) {
// if user trying to access register/forgot page after login than redirect to dashboard
if (!toState.data.requiresAuth) {
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
}
// user is not authenticated and trying to access page which is not permissible than send back to dashboard
if (angular.isDefined(toState.data.authorizedRoles)) {
var roles = toState.data.authorizedRoles;
AuthService.isAuthorized(roles).catch(function() { // NOTE: here we are only handling with .catch block
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
});
}
}
// user is not authenticated than redirect to login
else if (toState.data.requiresAuth) {
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthenticated);
}
});
var notAuthenticated = $rootScope.$on(AUTH_EVENTS.notAuthenticated, function() {
$log.warn('not authenticated');
$state.go('login', null, {});
return;
});
var notAuthorized = $rootScope.$on(AUTH_EVENTS.notAuthorized, function() {
$log.warn('not authorized');
$state.go('dashboard');
return;
});
// DO NOT forget to destroy
$rootScope.$on('$destroy', notAuthenticated);
$rootScope.$on('$destroy', notAuthorized);
$rootScope.$on('$destroy', stateChangeStart);
我正在为我的前端使用 AngularJS 框架开发 Web 应用程序。对于我的登录页面,我必须防止用户浏览到除登录页面和注册之外的其他页面。但是我现在所做的代码也阻止用户导航到注册页面。以下是我的代码。如何解决这个问题,让用户只有在没有登录的情况下才能浏览到登录页面和注册页面。
.run(function ($rootScope, $state, AuthService, AUTH_EVENTS) {
$rootScope.$on('$stateChangeStart', function (event,next, nextParams, fromState) {
if ('data' in next && 'authorizedRoles' in next.data) {
var authorizedRoles = next.data.authorizedRoles;
if (!AuthService.isAuthorized(authorizedRoles)) {
event.preventDefault();
$state.go($state.current, {}, {reload: true});
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
}
}
if (!AuthService.isAuthenticated()) {
if (next.name !== 'login') {
event.preventDefault();
$state.go('login');
}
}
});
您可以通过在 .state 的数据 属性 中添加一个布尔参数来实现这一点,比如说 requiresAuth 并在 .[=29= 中也检查一下]块;
下面是
的伪代码在 .config 块
$stateProvider
.state("register", {
url: '/register',
templateUrl: 'register.html',
controller:'UserController',
controllerAs: 'vm',
data: {
requiresAuth: false,
pageTitle: 'Register'
}
})
.state("dashboard", {
url: '/dashboard',
templateUrl: 'dashboard.html',
controller:'OtherController',
controllerAs: 'vm',
data: {
requiresAuth: true,
pageTitle: 'Dashboard',
authorizedRoles: ['WHATEVER_ROLE']
}
});
并在 .运行 区块
var stateChangeStart = $rootScope.$on('$stateChangeStart', function(event, toState, toParams) {
if (AuthService.isAuthenticated()) {
// if user trying to access register/forgot page after login than redirect to dashboard
if (!toState.data.requiresAuth) {
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
}
// user is not authenticated and trying to access page which is not permissible than send back to dashboard
if (angular.isDefined(toState.data.authorizedRoles)) {
var roles = toState.data.authorizedRoles;
AuthService.isAuthorized(roles).catch(function() { // NOTE: here we are only handling with .catch block
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthorized);
});
}
}
// user is not authenticated than redirect to login
else if (toState.data.requiresAuth) {
event.preventDefault();
$rootScope.$broadcast(AUTH_EVENTS.notAuthenticated);
}
});
var notAuthenticated = $rootScope.$on(AUTH_EVENTS.notAuthenticated, function() {
$log.warn('not authenticated');
$state.go('login', null, {});
return;
});
var notAuthorized = $rootScope.$on(AUTH_EVENTS.notAuthorized, function() {
$log.warn('not authorized');
$state.go('dashboard');
return;
});
// DO NOT forget to destroy
$rootScope.$on('$destroy', notAuthenticated);
$rootScope.$on('$destroy', notAuthorized);
$rootScope.$on('$destroy', stateChangeStart);