I've implemented satellizer(https://github.com/sahat/satellizer) as my authentication. What I want is something along (https://github.com/fnakstad/angular-client-side-auth)'s method of access levels and role permission, based on this:
I have added a role field to my userSchema on the server side that. How would I implement a system like this to check which role the authenticated user has, and then use that to show/protect certain routes in app.js's stateprovider? I've been trying to implement this for some time without any progress.
EDIT: after checking the link @paul linked this is what I've come to thus far.
.state('admin', {
url: '/admin',
template: 'Scripts/App/partials/admin.html',
controller: 'AdminCtrl',
resolve: {
security: ['$q', function ($q) {
if(!isAdmin()) {
return $q.reject('Not Authorized');
}
}]
}
})
function isAdmin($http, $scope) {
$http.get('http://localhost:3000/api/isadmin')
.success(function (response) {
$scope.role = response.data.role;
console.log($scope.role);
});
if ($scope.role == 'admin') {
console.log($scope.role);
return true;
}
else {
return false;
}
}
App.run(['$rootScope', function ($rootScope) {
$rootScope.$on('$stateChangeError', function (e, toState, toParams, fromState, fromParams, error) {
if (error === "Not Authorized") {
$state.go("notAuthorizedPage");
}
});
}]);
These are all in app.js, and this is where I'm stuck. What am I doing wrong?
