我可以或应该在 Angularjs 中使用全局变量来存储登录用户吗? [英] Can I or Should I use a Global variable in Angularjs to store a logged in user?
问题描述
我是 angular 的新手,正在开发我的第一个真实"应用程序.我正在尝试构建一个日历/计划应用程序(源代码都可以在 github 上看到)如果有用户登录(即显示与他们相关的详细信息),我希望能够更改内容,但这里有一个问题:
I'm new to angular and developing my first 'real' application. I'm trying to build a calendar/scheduling app ( source code can all be seen on github ) and I want to be able to change the content if there is a user logged in (i.e. display details relevant to them) but here's the catch:
我不希望应用依赖于登录用户(需要可以配置为公开、私密或两者兼有)
I don't want the app to be dependent on having a logged in user ( needs to be something that can be configured to work publicly, privately or both)
如果可以避免的话,我不想在这个应用程序中实现用户/登录(我想最终将我的应用程序包含在另一个应用程序中,在那里这可能会实现,但不一定使用任何特定的安全框架或仅限于任何)
I don't want to implement the user/login within this app if it can be avoided ( I want to eventually include my app in another app where this might be implemented but isn't necessarily implemented using any particular security frameworks or limited to any)
我有一个想法,创建一些全局变量 user 可以在我的应用程序中引用,或者如果我必须在这个应用程序中实现一个系统来完成这一切,我可以在以某种抽象的方式,以便可以注入不同的选项.
I had an idea of creating some global variable user that could be referenced through out my application, or if I had to implement a system to do it all in this app that I could do so in in some abstract way so that different options could be injected in.
我的一些想法或对我应该做的事情的理解可能是完全错误的,并且对基础知识一无所知,但我真的不知道我应该采取什么方法来做到这一点.
some of my ideas or understanding of what I should be doing may be completely wrong and ignorant of fundamentals but I genuinely do not know what approach I should take to do this.
如果相关,我目前没有任何后端,但最终希望使用 MongoDB 进行存储,使用 nodejs 进行服务,但我也想尝试保持开放性,以允许其他人使用不同的存储/后端,例如作为 sql 和 php
In case it is relevant I currently don't have any back-end but eventually hope use MongoDB for storage and nodejs for services but I also want to try keep it open-ended to allow others to use different storage/backends such as sql and php
是否有一个全局 user 变量/服务,我可以从另一个(父级?)应用程序注入/填充?
is there away to have a global uservariable/service that I could inject/populate from another (parent?) app?
如果是这样,最好的方法是什么?如果不是,我应该采取什么方法以及为什么?
If so what would be the best approach to do so? If Not, why and what approach should I take and why?
我相信从网上的评论和向我提出的一些建议,服务将是最好的选择但是我将如何从父应用程序注入此应用程序服务?
I Believe from comments online and some suggestion made to me that a service would be the best option BUT How would I go about injecting from a parent application into this applications service?
推荐答案
如果您的(单个)页面由服务器动态呈现并且服务器知道您是否已登录,那么您可以执行以下操作:
If your (single) page is rendered dynamically by the server and the server knows if you are logged-in or not, then you could do the following:
动态渲染脚本标签,产生:
Dynamically render a script tag that produces:
<script>
window.user = { id: 1234, name: 'User A', isLoggedIn: true };
</script>
对于未登录的用户:
<script>
window.user = { isLoggedIn: false };
</script>
为方便起见,将 user 复制到 angular 的 IOC 中的值:
For convinience, copy user to a value inside angular's IOC:
angular.module('myApp').value('user', window.user);
然后,您可以在 DI 中使用它:
Then, you can use it in DI:
angular.module('myApp').factory('myService', function(user) {
return {
doSomething: function() {
if (user.isLoggedIn) {
...
} else {
...
}
}
};
});
有些棘手的事情(你应该在做 [SEE COMMENTS] 之前做两次)扩展 $scope:
Something tricky (which you should thing twice before doing [SEE COMMENTS]) is extending the $scope:
angular.module('myApp').config(function($provide) {
$provide.decorator('$controller', function($delegate, user) {
return function(constructor, locals) {
locals.$scope._user = user;
return $delegate(constructor, locals);
};
});
});
这段代码装饰了 $controller 服务(负责构造控制器),基本上说 $scope 对象在传递给控制器之前,将被增强_user 属性.
This piece of code decorates the $controller service (responsible for contructing controllers) and basically says that $scope objects prior to being passed to controllers, will be enhanced with the _user property.
自动使用 $scoped 意味着您可以在任何视图、任何地方直接使用它:
Having it automatically $scoped means that you can directly use it any view, anywhere:
<div ng-if="_user.isLoggedIn">Content only for logged-in users</div>
这是有风险的,因为您最终可能会遇到与您在控制器中添加的原始 $scope API 或属性的命名冲突.
This is something risky since you may end up running into naming conflicts with the original $scope API or properties that you add in your controllers.
不用说,这些东西只在客户端运行,很容易被篡改.您的服务器端代码应始终检查用户并返回正确的数据子集或接受正确的操作.
It goes without saying that these stuff run solely in the client and they can be easily tampered. Your server-side code should always check the user and return the correct data subset or accept the right actions.
这篇关于我可以或应该在 Angularjs 中使用全局变量来存储登录用户吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
