0

I am a newbie to token based authentication. I want to restrict the user to specific pages on my site (check his authentication) and saw that jwt is best way to implement it and followed the tutorial here: https://devdactic.com/restful-api-user-authentication-2/, but how could I restrict the user from accessing the pages (ask him to login)? Here the author says he has used AuthInterceptor which checks for authentication part. But I am confused with the auth interceptor. Can any one explain we how could I restrict the user (like is the restriction part of code is server side or client side, if it is server side can I have a code reference in node.js)?

N. Pavon
  • 821
  • 4
  • 15
  • 32
vanquishers
  • 358
  • 1
  • 3
  • 18

1 Answers1

1

I attach a JWT on each request for data from my server. The code looks like this:

    return {
      request: function(config) {
        var jwt;
        if(isApiRequest(config.url)) {
          config.url = baseUrl + '/api/v1/' + config.url;
          jwt = store.get(JWT);
          if(jwt)
            config.headers.Authorization = "Bearer "+jwt;
        }
        return config;
      }
    };

However what you want to do is to determine if the user has a JWT (and a valid one at that - which would be validated by the server) and, if so, they can access certain pages.

I'd say that could be done by monitoring the $stateChange event:

$rootScope.$on('$stateChangeStart', function(evt, toState, toParams, fromState, fromParams) {
     var jwt = store.get('JWT');          
     if(!jwt)
       $state.go('go-back-to-login-view');
    });
Katana24
  • 8,706
  • 19
  • 76
  • 118
  • http://stackoverflow.com/questions/38160209/getting-parent-index-inside-a-custom-directice can you help regarding this – vanquishers Jul 02 '16 at 12:56