v0.0.9 Angular $resource for Authorization - zhentian-wan/MEANAppsFiles GitHub Wiki

Display

When the user logs in as an admin, we display a User Admin li in the menu. If the user is not an admin, we don't display it. This only hides the link in the browser; the data itself is protected on the server.

         ul.dropdown-menu
            li
               a(href="/admin/user" ng-show="account.user.isAdmin()") User Admin
            li
               a(href="" ng-click="account.signout()") Sign Out

Server

When a client requests the users data, we use a middleware to check whether the user is an admin. If the request passes the middleware, the user is an admin and can get the users data from the collection.

    // protect our server-side resource
    app.get('/api/users', auth.requireRole('admin'), function(req, res){
        User.find({}).exec(function(err, collection) {
            // don't send an undefined collection if the query fails
            if (err) { return res.status(500).end(); }
            res.send(collection);
        });
    });

config/auth.js

Express expects middleware to be a function, so requireRole returns a function. We check whether the user is logged in; if not, we send a 403 status code. req.user contains the currently logged-in user. We check whether its role includes admin; if it does not, we send 403 back.

    exports.requireRole = function(role) {
        // return the actual Express middleware
        return function(req, res, next) {
            // reject anonymous users and users without the required role
            if(!req.isAuthenticated() || req.user.role.indexOf(role) === -1){
                res.status(403);
                res.end();
            }else{
                next();
            }
        };
    };
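An added example (not code from this wiki or its repository): the role check above run against constructed requests, next to a stricter variant. requireRoleAsOnPage, requireRoleStrict, outcome and the sample users are names made up for the illustration, and the strict variant assumes role is stored as an array of strings.

```javascript
// The check as written on the page: indexOf on whatever req.user.role holds.
function requireRoleAsOnPage(role) {
    return function (req, res, next) {
        if (!req.isAuthenticated() || req.user.role.indexOf(role) === -1) {
            res.status(403);
            res.end();
        } else {
            next();
        }
    };
}

// Stricter variant. Assumption: role is stored as an array of strings.
function requireRoleStrict(role) {
    return function (req, res, next) {
        var roles = req.isAuthenticated() && req.user ? req.user.role : null;
        if (!Array.isArray(roles) || !roles.includes(role)) {
            res.status(403);
            res.end();
            return;
        }
        next();
    };
}

// Hypothetical helper: run a middleware against a constructed request and
// report 'next', the status code it set, or 'threw' if it raised.
function outcome(middleware, user) {
    var result = null;
    var req = { user: user, isAuthenticated: function () { return !!user; } };
    var res = { status: function (code) { result = code; return res; }, end: function () {} };
    try {
        middleware(req, res, function () { result = 'next'; });
    } catch (e) {
        result = 'threw';
    }
    return result;
}

// Constructed sample users.
var samples = {
    anonymous: null,
    admin: { role: ['admin'] },
    stringRole: { role: 'nonadmin' }, // a string, so indexOf matches substrings
    noRole: { username: 'legacy' }    // no role field at all
};
Object.keys(samples).forEach(function (name) {
    console.log(name, outcome(requireRoleAsOnPage('admin'), samples[name]), outcome(requireRoleStrict('admin'), samples[name]));
});
```

With the page's check, a role stored as the string 'nonadmin' passes because indexOf on a string matches substrings, and a user with no role field throws instead of getting a 403. The strict variant answers 403 in both cases.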

Client

We create a new js file called Users.js.

It uses the AngularJS $resource service. We add a method called isAdmin to check whether the current user is an admin.

User.js

    angular.module('app')
        .factory('UserResource', function($resource){
            // bind the :id URL parameter to the object's _id property
            var UserResource = $resource('/api/users/:id', {id: "@_id"});
            // true when the user's role contains 'admin'
            UserResource.prototype.isAdmin = function() {
                return this.role && this.role.indexOf('admin') > -1;
            };

            return UserResource;
        });

loginService.js

When the user logs in, we create a UserResource object and extend it with the user's info, so that we can use $resource to control the authorization.

    //Use user resource
    var user = new UserResource();
    //extend user object by adding user info
    angular.extend(user, response.user);
    IdentityFactory.currentUser = user;
    resolve(true);

identify.js

    if($window.bootstrappedUserObject ){

        currentUser = new UserResource();
        angular.extend(currentUser, $window.bootstrappedUserObject);
    }

    factory.currentUser = currentUser;