A handy security provider for Angular JS. Works with MVC 5's SPA template without any modifications to the backend code.
install-package AngularJs.SPA.Security
angular-spa-security.js
script provided by this component into your appsecurity
as a module dependency to your appangular.module('app',['SignalR'])
.config(['securityProvider', function(securityProvider){
//Modify provider settings
securityProvider.events.login = function(security, user){
alert('Hello '+user.userName);
}
securityProvider.usePopups = false;
}])
.run(['$rootScope','security', function($rootScope, security){
$rootScope.security = security; //So you can access security variables and methods anywhere
}])
.controller('SecretPageCtrl', ['security', function(security){
security.authenticate(); //If user isn't authenticated, will send them to the login page
}])
.controller('LoginCtrl', ['security','$scope', function(security, $scope){
security.redirectAuthenticated('/'); //If the user is already authenticated, send them to the homepage
$scope.login = function(user){
security.login(user).then(function(user){
//Success
//Automatically sends them back to the page they were trying to access or the home page
}, function(errorData){
//Error
});
}
}])
<h4>Or Login With</h4>
<button class="btn btn-default" ng-repeat="login in security.externalLogins" ng-bind="login.name" ng-click="security.loginWithExternal(login)"></button>
registerThenLogin
when registering automatically log in right after trueurls.login
url of login page /loginurls.postLogout
url of where to send the user after logout /loginurls.registerExternal
url of where to send the user after returning from OAuth on first login with that account /registerExternalurls.home
url of where to send the user after login /usePopups
whether or not to open the authentication pages in a popup *Only Works in Chrome Can only set a value on the popup opener after a redirect in ChromeapiUrls.join
where to send registration request /api/account/registerapiUrls.login
where to send login request /tokenapiUrls.logout
where to send the logout request /api/account/logoutapiUrls.userInfo
where to send the userInfo request /api/account/userInfoapiUrls.changePassword
where to send the changePassword request /api/account/changePasswordevents
hooks for functions that will be called during these corresponding events: login, logout, register, reloadUser, closeOAuthWindowuser
holds the response from login request - using the login event hook you can override thisexternalUser
holds the response from external login request when the user doesn't already have an accountexternalLogins
array of the available 3rd party login providers - providers are objects like {name: 'Twitter', url:'/api/account/...'}
login(data)
login with the data from the data object (username, password)loginWithExternal(login)
attempt to login using the specified login provider from the externalLogins array - redirect to external register if the don't already have an account see example abovelogout()
logout the current userregister(data)
register with the data from the data object (username, password, confirmPassword)registerExternal()
send the updated externalUser data for updating and get the new 3rd party token and loginchangePassword(data)
change the password with the data object (oldPassword, newPassword, confirmPassword)