Angular2: Continuous User Authentication Guard

I am in the process of developing an application that requires strict authentication for all users.

To enforce this, I have created a LoggedInGuard. However, I find myself having to include canActivate: [LoggedInGuard] in every route definition within my router setup (excluding the LoginComponent).

Is there a more efficient way to achieve this functionality?

The structure of my files and modules is as follows:

app/
  AppModule
  AppRoutingModule
  AppComponent

  authentication/
    AuthenticationModule
    AuthenticationRoutingModule
    LoginComponent

  contacts/
    ContactsModule
    ContactsRoutingModule
    ContactListComponent

  users/
    UsersModule
    UsersRoutingModule
    UserEditComponent

  ...

Could it be feasible to create two distinct routing areas (one for login and another for the main app) and only apply the guard to the main app section?

I am optimistic that there exists a straightforward solution to this issue.

Thank you in advance!

angulartypescriptangular2-routingangular2-guards

Answer №1

I have developed a more organized approach for my application. My strategy involves categorizing pages into secured and public sections, using separate templates for each. By implementing public components and secure components, I can then apply the necessary guard protection to the appropriate template.

It is crucial to include [Guard] in the complete route requiring security measures.

When securing a route, I ensure to specify the parent routes in the app.routing.ts file.

const APP_ROUTES: Routes = [
    { path: '', redirectTo: '/home', pathMatch: 'full', },
    { path: '', component: PublicComponent, data: { title: 'Public Views' }, children: PUBLIC_ROUTES },
    { path: '', component: SecureComponent, canActivate: [Guard], data: { title: 'Secure Views' }, children: SECURE_ROUTES }
];

export const routing = RouterModule.forRoot(APP_ROUTES);

Pay attention to this particular line,

 { path: '', component: SecureComponent, canActivate: [Guard], data: { title: 'Secure Views' }, children: SECURE_ROUTES }

I establish two layouts:

/public/ for all public components

/public/public.routes.ts

/secure/ for all secure components

/secure/secure.routes.ts

Secure routes

Note that these specific routes do not require Guard since their handling is managed by the template parent.

export const SECURE_ROUTES: Routes = [
    { path: '', redirectTo: 'overview', pathMatch: 'full' },
    { path: 'items', component: ItemsComponent },
    { path: 'overview', component: OverviewComponent },
    { path: 'profile', component: ProfileComponent },
];

Main routes in app.routing.ts

const APP_ROUTES: Routes = [
    { path: '', redirectTo: '/home', pathMatch: 'full', },
    { path: '', component: PublicComponent, data: { title: 'Public Views' }, children: PUBLIC_ROUTES },
    { path: '', component: SecureComponent, canActivate: [Guard], data: { title: 'Secure Views' }, children: SECURE_ROUTES }
];

export const routing = RouterModule.forRoot(APP_ROUTES);

Within the /layouts directory, I create the following layout structure:

/layouts/secure.component.ts

/layouts/secure.component.html

/layouts/public.component.ts

/layouts/public.component.html

All traffic flows through either the public or secure layout, with the [Guard] reserved for secure routes only.

Moreover, I handle authentication utilizing a token stored locally.

@Injectable()
export class Guard implements CanActivate {

    constructor(protected router: Router, protected auth: Auth ) {}

     canActivate() {
        if (localStorage.getItem('access_token')) {
            // logged in so return true
            return true;
        }
        // not logged in so redirect to login page
        this.router.navigate(['/home']);
        return false;
    }
}

Once I configure my setup as detailed above, I organize all secure routes under the secure directory and public routes under the public directory. Route definitions are written in the respective public.routes.ts or secure.routes.ts file within their designated folder.

Answer №2

By consolidating my global guards into a router event listener, I was able to extend their coverage across multiple modules seamlessly.

To ensure that the event listener triggers for all requests, I incorporated it within the AppComponent.

It's important to note that even with this setup, you can still include custom guards for specific routes and they will function as intended.

Bypassing Guards

You have the option to eliminate the use of guards and handle the logic directly within the event listener.

// Code snippet showcasing how to manage authentication without guards
// This example assumes usage of an AuthenticationService
import { Component, OnInit } from '@angular/core';
import { Router, RoutesRecognized } from '@angular/router';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/filter';

@Component({
  selector: 'app-root',
  templateUrl: './app.component.html',
  styleUrls: ['./app.component.css']
})
export class AppComponent implements OnInit {
  constructor(
      private router: Router,
      private authService: AuthenticationService
  ) {}

  ngOnInit() {
    // Event listener set up to handle authentication
    this.router.events
    .filter(event => event instanceof RoutesRecognized)
    .subscribe((event: RoutesRecognized) => {
      const url = event.urlAfterRedirects;

      if (url === '/public' || url.startsWith('/public/') || url.startsWith('/public?')) {
        return;
      }

      if (!this.authService.isAuthenticated()) {
        this.router.navigate(['/public/login'], { queryParams: { returnUrl: state.url } });
      }
    });
  }
}

Requests directed to sub-pages under /public will proceed freely, while other requests require authentication or get redirected to /public/login.

Ensure that the redirect page is not within the protected area to prevent looping issues.

Utilizing Existing Guards

In the following implementation, I demonstrate how to leverage existing guards to maintain code cleanliness or adherence to specific requirements.

// Implementation showcasing reusage of existing guards for added protection
import { Component, OnInit } from '@angular/core';
import { Router, ActivatedRoute, RoutesRecognized, CanActivate } from '@angular/router';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/operator/filter';

// Importing previously defined guards
import { AdminGuard, AuthGuard } from './_guards/index';


@Component({
  selector: 'app-root',
  templateUrl: './app.component.html',
  styleUrls: ['./app.component.css']
})
export class AppComponent implements OnInit {

  constructor(
      private route: ActivatedRoute,
      private router: Router,
      private adminGuard: AdminGuard,
      private authGuard: AuthGuard
  ) {}

  ngOnInit() {
    this.router.events
    .filter(event => event instanceof RoutesRecognized)
    .subscribe((event: RoutesRecognized) => {
      if (this.isSubPage(event, '/public')) {
        return;
      }

      if (!this.callCanActivate(event, this.authGuard)) {
        return;
      }

      if (this.isSubPage(event, '/admin')) {
        if (!this.callCanActivate(event, this.adminGuard)) {
          return;
        }
      }
    });
  }

  callCanActivate(event: RoutesRecognized, guard: CanActivate) {
    return guard.canActivate(this.route.snapshot, event.state);
  }

  isSubPage(event: RoutesRecognized, parent: string) {
    const url = event.urlAfterRedirects;
    return (url === parent
        || url.startsWith(parent + '/')
        || url.startsWith(parent + '?'));
  }
}

This modified version includes additional safeguards specifically targeting the /admin section to enforce administrative authorization in addition to general authentication requirements.

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Transform JSON into a TypeScript interface with a specialized Date method

Within my Angular 7 project, there is a Post Model defined as follows: export interface PostModel { id: number; created: Date; published: boolean; title: string; } I have implemented an Angular service method aimed at retrieving posts: public g ...

angulartypescriptangular6angular7

Waiting for the execution of the loop to be completed before proceeding - Typescript (Angular)

There's a code snippet triggered on an HTML page when clicked: public salaryConfirmation() { const matDialogConfig: MatDialogConfig = _.cloneDeep(GajiIdSettings.DIALOG_CONFIG); this.warningNameList = []; for(let i=0; i < this.kelolaDat ...

javascriptangulartypescript

The instantiation of generic types in Typescript

I have been working on a function that aims to create an instance of a specified type with nested properties, if applicable. This is the approach I have come up with so far. export function InitializeDefaultModelObject<T extends object> (): T { ...

angulartypescript

Exploring the capabilities of Angular 2 and delving into inquiries regarding IIS

I'm diving into the world of Angular 2 as a beginner. Previously, I used to include JavaScript (like jQuery.js) in my HTML and then upload the finished page to my IIS website. Now that I'm learning Angular 2, I've had to install Node.js, NP ...

javascriptnode.jsangularnpmiis-7

What should be done in the absence of any subscriptions?

Incorporating a generic HTTP service to encapsulate certain HTTP behaviors is part of our system. In case of an error, we include the error in a BehaviorSubject. I am contemplating on whether there is a method to display this error only if no one is subsc ...

angular

Generate a list of items in typescript, and then import them into a react component dynamically

I have a variable that stores key/value pairs of names and components in a TypeScript file. // icons.tsx import { BirdIcon, CatIcon } from 'components/Icons'; interface IconMap { [key: string]: string | undefined; } export const Icons: IconM ...

reactjstypescriptnext.js

Ways to emphasize the chosen row within angular js 4

Today, I am exploring an example to understand how data can be passed from a parent component to a child component and back. Below are the files that I have used for this example. I have included both the HTML and TypeScript files for both the parent and ...

javascriptangularangular-components

I encountered an issue with uploading an image file in Angular and am currently experiencing an error

media.components.html <div class="row justify-content-center" style="position:relative;top:105px;"> <div class="col-md-6"> <!-- form company info --> <div class="card card-outline-secondary"> <div ...

angular

Generating a default template for an Angular ag-Grid cell with a custom field name - how to do it?

I am currently working with ag-grid and have specific templates for many columns. However, some of the data I am inputting into the table are just plain text. I want to enhance the default case: <ng-template #defaultRecord let-record> ADDITIONAL E ...

javascriptangularag-gridag-grid-angular

Using TypeScript's Non-Null Assertion Operators in combination with square brackets []

One way to assert that an object has a certain property is by using the `!.` syntax as shown below: type Person = { name: string; age: number; gender?: string; } const myPerson: Person = { name: 'John Cena', age: 123, gender: 's ...

typescript

Angular HTML layout designed for seamless interaction

<div class ="row"> <div class ="col-md-6"> Xyz </div> <div class ="col-md-6"> Abc </div> </div> Using the code above, I can easily create a layout with two columns. Th ...

htmlcssangularbootstrap-4flexbox

What is the best way to send an object to an Angular form?

I am facing an issue with my Spring entity, Agent, which includes an Agency object. When adding a new agent, I need to pass the agency as an object in the Angular form. While the backend code is functioning correctly, I am struggling to figure out how to p ...

angularspringtypescriptformsjpa

Angular Form Template Unidirectional Data Binding Example

I'm facing a challenge with one-way binding to a default value in my HTML form. Within my component, I have a Connection string that is initially set from local storage: export class AuthAdminComponent implements OnInit { public authenticated = f ...

formsangulardata-binding

Determining in Angular 8 whether a value has been altered by a user or by a method call

Within my select element, the value is currently being assigned through an ngOnInit call. Here is an example of the HTML code: <select name="duration" [(ngModel)]="exercisePlan.duration" (ngModelChange)="onChange($event)"> <option *ngFor="l ...

htmlangulartypescript

Exploring the concept of data sharing in the latest version of Next.JS - Server

When using App Router in Next.JS 13 Server Components, the challenge arises of not being able to use context. What would be the most effective method for sharing data between various server components? I have a main layout.tsx along with several nested la ...

javascripttypescriptnext.jsnext.js13app-router

Accessing a variable within a function in Angular

Recently I started working with Angular and encountered an issue while trying to access a variable inside a function. Below is the code snippet that's causing me trouble: mergeImages() { var imgurl; var canvas: HTMLCanvasElement = this.canv ...

angulartypescript

Converting axios response containing an array of arrays into a TypeScript interface

When working with an API, I encountered a response in the following format: [ [ 1636765200000, 254.46, 248.07, 254.78, 248.05, 2074.9316693 ], [ 1636761600000, 251.14, 254.29, 255.73, 251.14, 5965.53873045 ], [ 1636758000000, 251.25, 251.15, 252.97, ...

javascriptreactjstypescriptaxios

Tips on informing the TS compiler that the value returned by a custom function is not null

There might be a way to make this code work in TypeScript, even though it's currently showing some errors regarding possible undefined values. Take a look at the code snippet: const someArray: foo[] | null | undefined = [...] // TS fail: someArray ...

reactjstypescript

What is the correct way to close an ngx-contextmenu in an Angular application?

In my angular project, I implemented an ngx-contextmenu. Within one of my components, the template includes the following code: <div... [contextMenu]="basicMenu"> <context-menu>..... </div> After some time, the component with the conte ...

angulartypescriptngx-contextmenu

I am encountering an issue where my application is not recognizing the angular material/dialog module. What steps can I take to resolve this issue and ensure that it functions properly?

For my Angular application, I am trying to incorporate two Material UI components - MatDialog and MatDialogConfig. However, it seems like there might be an issue with the placement of these modules as all other modules are functioning correctly except fo ...

angulartypescriptangular-materialnode-modulestsc