如何处理在角JS应用认证 [英] How to handle authentication in Angular JS application

问题描述

我在我的角度JS的应用程序实现一个身份验证系统。

我正打算像如下：

1. 获取用户信息（名称，并从登录表单传递）


2. 检查用户是否存在


3. 如果存在一个会话cookie和前端服务器响应将重定向到某个页面。


4. 然后用户会做一些任务，将生成API请求


5. API请求应该有一个于第3步中发送的cookie信息


6. 服务器检查是否发生的cookie与否，如果饼干被发现然后用API请求的结果作出回应。而在我的服务，我做这样的事情

    MyApp.service（'myAuth'，函数（$ HTTP，$ Q）{
        this.authHeader = NULL;
        this.checkAuth =功能（）{
        //做API调用，如果成功设置this.authHeader =响应
        }
        this.isAuthenticaed =功能（）{
            this.authHeader？返回this.authHeder：返回false;
       }

提交登录表单后，我会打电话给checkAuth并从我的服务器，同时做下一个REST调用我如何添加cookie信息，以及当用户登录后，在整个应用程序导航中我确实想获得我的会话cookie回检查isAuthenticaed真的还是假的，每次在Angularjs什么时候会做它重置设置它真正的从第一个呼叫后，导航到另一个页面？而且是我的方法好1-6或者你有什么具体的建议？
顺便说一句我检查previous这样的条目，但这些都不是我想知道的东西。

解决方案

我不知道你的后端，但是这是我怎么会做到这一点。

• 创建一个单独的登录页面（网址专用角不子视图或
  模态对话框）。


• 如果用户没有通过身份验证重定向到这个登录
  页。这是通过服务器重定向完成。此页可能会或可能不会使用
  棱角分明的框架，因为它只是涉及发送用户\\密码
  服务器。


• 从登录页面进行POST（不AJAX请求），并在服务器上进行验证。


• 在设置身份验证cookie中的服务器。 （不同的框架做不同的看法。ASP.Net形式设置身份验证cookie。）


• 一旦用户通过验证的用户重定向到实际应用的角度并加载它的所有组件。

这节省了任何code需要角度来管理客户端身份验证。如果此页面上的用户，他的土地进行身份验证并有饼干。

此外默认浏览器的行为是发送与每个请求的域名相关联的所有Cookie，所以你不要有棱角是否正在发送一些饼干或不用担心。

I am implementing an auth system in my angular js app.

What I am planning it like below:

1. Get user info(name and pass from login form)
2. Check whether user exists or not
3. if exists server respond with a session cookie and frontend will redirect to a certain page.
4. then user will do some task which will generate API request
5. API request should have cookie information that was sent on step 3
6. server check whether the cookie was generated or not and if cookie was found then respond with the API request results. And in my service I am doing something like

    MyApp.service('myAuth', function($http, $q) {
        this.authHeader = null;
        this.checkAuth = function(){
        //do api call and if success sets this.authHeader = response
        }
        this.isAuthenticaed = function(){
            this.authHeader ? return this.authHeder  : return false;
       }

After submitting the login form I will call checkAuth and get my session cookie back from my server, how I can add the cookie information while doing the next REST call and also when user will navigate throughout the application after log in I do want to check each time isAuthenticaed true or false, in Angularjs when it will navigate to another page does it resets after setting it true from the first call? And is my approach 1-6 good or do you have any specific suggestions? Btw I checked previous so entries but those are not what I want to know.

解决方案

I am not sure about your backend, but this is how i would do it

• Create a seperate login page (dedicated url not angular sub view or modal dialog).
• If the user is not authenticated redirect to this login page. This is done by server redirects. This page may or may not use angular framework, as it just involves sending a user\password to server.
• Make a POST (not AJAX request) from the login page, and verify on server.
• On the server set the auth cookie. (Different frameworks do it differently. ASP.Net sets form authentication cookie.)
• Once the user is authenticated redirect user to the actual angular app and load all its components.

This saves any code require to manage authentication on client side in Angular. If the user lands on this page he is authenticated and has the cookie.

Also default browser behaviour is to send all cookies associated with a domain with each request, so you don't have to worry if angular is sending some cookie or not.

这篇关于如何处理在角JS应用认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！