search

Zemke / starter-laravel-angular

Laravel and AngularJS Starter Application Boilerplate featuring Laravel 5.3 and AngularJS 1.5.8
https://starter-laravel-angular.herokuapp.com
Other
369 stars 119 forks source link

Authentication for all pages? #22

Closed dmitov closed 8 years ago

dmitov commented 9 years ago

Anyone could give me tips on how to require authentication for all pages? Then if user logs in - to redirect to home page?

I've done something like this:

$routeProvider
      .when('/', {
        templateUrl: '/partials/index',
        controller: 'MainController',
        authenticate: true
      })
      .when('/:category/:action?/:id?', {
        templateUrl: function (params) {
          var allowedParams = ['category', 'action', 'id'];
          var paramVals = [];
          for (var key in params) {
            if (allowedParams.indexOf(key) !== -1) {
              paramVals.push(params[key]);
            }
          }
          return '/partials/' + paramVals.join('/');
        },
        authenticate: true
      })
      .otherwise({
        redirectTo: '/auth/login'
      });

But seems like something is not right.

Any tips?

Zemke commented 9 years ago

Users can be authentication with the API endpoint api/user/getByToken. The Angular service is here.

If you want to require authentication for anything, I would suggest to intercept any request and check authentication state of the user. An interceptor is already in use here. The auth token is already set there. You could redirect the user for example if it's not set. Keep in mind that you should also always have a server-side authentication check as client-side security can easily be bypassed.

If you have any more question, I'm glad to help.