I'm trying to add some basic authentication layer with Ember, to avoid users that are not logged to access the 'restricted' states.
The issue is I'm checking for the authentication status in the 'enter' event, but even if I redirect to another route from there, the 'connectOutlets' is always called.
Is there a way to stop entering in the 'connectOutlets' state from the 'enter' state? It feels a bit dirty to put authentication check in the 'connectOutlets' state
Is there a way to stop entering in the 'connectOutlets' state from the 'enter' state? It feels a bit dirty to put authentication check in the 'connectOutlets' state
AFAIK there is not a straightforward way to do this. There have been some attempts to work-around but I would not recommend for your use case.
I'm trying to add some basic authentication layer with Ember, to avoid users that are not logged to access the 'restricted' states.
Ember doesn't really have 'restricted' states. Think of 'state' as meaning 'what the user asked for' and not necessarily what they will be given access to. So a user can change url at any time and get to any 'state', but your app's behavior in each state will change depending on model data. Controllers decide what is shown based on user's authorization level and data returned by your API.
By far the easiest way to accomplish this is by wrapping your application template in an authorization check. For example:
{{#if isAuthorized}}
<h1>Welcome!<h1>
{{outlet}}
{{else}}
{{#if isLoggedIn}}
<p>Sorry, you are not authorized to view this page</p>
{{else}}
{{view App.LoginForm }}
{{/if}}
{{/if}}
Then just add isAuthorized and isLoggedIn computed properties to your application controller.
