Why us?

Process

Startup mindset and global level growth

Talent

How we attract and engage with the very best

Culture

The values that guide and inspire us
Services

Design

Create tailor-made apps to meet you goals

Develop

Build exceptional mobile and web apps

Scale your team

Speed up your in-house development.

Cloud

Deploy great apps ready to scale

End-to-end

Build products that matter
Work

All

Agtech

Healthcare

B2B SaaS

B2C

Retail

Government

Fintech

Energy
Insights

Playbook

Our daily work guiding principles

Blog

Our contribution to the community

Podcast

Our podcasts about product development

Education

Resources to improve your work

Meetups

Montevideo Web Developers meetup
Careers

Life at Octobot

What it’s like to be part
of our crew

Team

Get to know our skilled software dev team

Open positions

Join our team!
Contact us

Octobot

25 Nov 2016

AngularJS ui.router per view authorization

Most AngularJS applications need a routing mechanism to allow for navigation among it’s potentially multiple states. One of the most popular tools to do this is ui.router, which is awesome!

Using it, we face a situation in which some routes can be accessed by anyone, while others require authorization. For this cases we use the following elegant and easy mechanism, which consist of 3 simple steps.

Add a boolean attribute authenticate to each ui.ruoter state and choose a proper value for it.

				
					// ------------------------------------------------------------
// Public page - Authentication is NOT required.
// ------------------------------------------------------------
.state('public-page', {
    url: '/',
    authenticate: false,
    other attributes...
})

// ------------------------------------------------------------
// Private page - Authentication IS required.
// ------------------------------------------------------------
.state('private-page', {
    url: '/private-page',
    authenticate: true,
    other attributes...
})

Handle the user authentication status in some place that could be easily reached, like a service. It would be a good idea to have an Authentication service in charge of having the information about the authentication status, and a method to access this information (let’s say, AuthenticationService.isAuth())
Check for every state transition if the page that the user is trying to access is public or requires authentication, and based on that, complete the transition or abort it. A good place to perform this check is in the application’s run method.

				
					.run(['$rootScope', '$state', 'authService', function($rootScope, $state, AuthenticationService) {

    $rootScope.$on('$stateChangeStart', function(event, toState, toParams) {

        if (toState.authenticate && !AuthenticationService.isAuthenticated()) {
            // Remember toState and toStateParams.
            $rootScope.toState = toState.name;
            $rootScope.toStateParams = toParams;
            // Abort transition
            event.preventDefault();
            // Redirect to login page
            $state.go('login');
        }
    });
}])

Then, another interesting thing that you can do is to remember the toState value, to redirect to when the login succeeds.

				
					if ($rootScope.toState && $rootScope.toState !== 'login') {
    $state.go($rootScope.toState, $rootScope.toStateParams).then(function() {
        // Reset toState and toStateParams.
        $rootScope.toState = undefined;
        $rootScope.toStateParams = undefined;
    });
} else {
    $state.go('home');
}

That’s it. Simple and elegant, isn’t it?

AngularJS ui.router per view authorization

AngularJS ui.router per view authorization

See related posts

+ Quick links

Why us

Services

Work

Insights

Careers

Contact us

Why us

Services

Work

Insights

Careers

Contact