debloper
commented
8 years ago The routing (and the context-flow) as a whole is not implemented at its best. routeProvider & the associated controllers need to be revamped overall.
In that process, we need to include a middleware to check authentication (for any page) and redirect to /login page if not. Currently /login is the landing/default view, with all the app's base DOM structure (and it shouldn't be).
mbukatov
I think there should be only login related forms/information on login page. If I look into DOM I see for example searchbar(
//*[@id='search']) which is not visible and is still in page. I think this can be potential securty issue.