node.js - Serve Angular app with express if user is authenticated -


we're building app created users in our database. app should not accessible no 1 else.

our thought serve simple html file, info app have. our backend app should nodejs , should check if user has cookie provided our authentication api , attached our domain. if user has cookie, should provide them app folder.

we want protect our js files , files belonging app public if not authenticated.

in simple html file, should have button says: "i'm authenticated, let me browse app".

<html lang="en"> <head>   <meta charset="utf-8">   <title>landing page</title> </head> <body>   <h1>landing page app!!!</h1>   <input onclick="location.href='/app';" type="submit"     value="i'm authenticated, let me browse app!"/> </body> </html>

the node server has route called /app.

const express = require('express'); const app = express(); const port = process.env.port || 9090; const fs = require('fs');  app.use(express.static('public')); //only contains index.html  app.listen(port, (err) => {   if (err) {     console.log(err);   } });  app.get('/app', (req, res) => {   if(req.user.isauthenticated){       //psuedo code below       res.send(wholeangularapptouser());   }   else{       // user should stay on landing page        // information not authenticated   } });

how can send whole angular app user?

unless 'i'm authenticated' button serves purpose during authentication process (like send credentials) should rid of , try access app directly. angular apps served static files should set static route that's protected middleware:

app.use('/app', function(req, res, next) {   if (req.user.isauthenticated) {     next()   } else {     res.sendfile(path.join(__dirname, 'public/index.html'))   } }) app.use('/app', express.static('/app');

of course, wouldn't accept "isauthenticated" flag in request user being authenticated swap middleware bit more secure.


Comments

Post a Comment

Popular posts from this blog

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

i'm implementing inapp billing in android app. works well, however, i'm trying decouple broadcast receiver activity manifest. suggestion in android's trivialdrive sample: // important: dynamically register broadcast messages updated purchases. // register receiver here instead of <receiver> in manifest // because call getpurchases() @ startup, therefore can ignore // broadcasts sent while app isn't running. // note: registering listener in activity bad idea, done here // because sample. regardless, receiver must registered after // iabhelper setup, before first call getpurchases(). currently there's class extends broadcastreceiver : public class iabbroadcastreceiver extends broadcastreceiver { /** * intent action receiver should filter for. */ public static final string action = "com.android.vending.billing.purchases_updated"; private final iabbroadcastlistener mlistener; public iabbroadcastreceiver(iabbroadcastlistener listener) { m...
Read more

python Tkinter Capturing keyboard events save as one single string -

is possible store keyboard events 1 string? code below stores 1 char , prints it. card reader or bar code reader, contains collection of character/ string not 1 character @ time. goal save char pressed text variable. from tkinter import * root = tk() def key(event): text= event.char text+= event.char print ("pressed", text) def callback(event): frame.focus_set() print ("clicked at", event.x, event.y) frame = frame(root, width=100, height=100) frame.bind("<key>", key) frame.bind("<button-1>", callback) frame.pack() root.mainloop() currently, creating text variable , everytime key() function gets called, , text stores last character typed. you can define text module level variable , , use module level text inside key function - text = '' def key(event): global text text+= event.char print("pressed", text)
Read more

sql server - Why does Linq-to-SQL add unnecessary COUNT()? -

here tables: create table customer ( cid int primary key, name varchar(32) ) create table ord ( oid int primary key, cid int foreign key references customer, address varchar(20) ) here's linq-to-sql statement: var aaa = c in db.customer select new { c, o = c.ord.tolist() }; and here's inexplicable query generated linq-to-sql: select [t0].[cid] [cid], [t0].[name] [name], [t1].[oid] [oid], [t1].[cid] [cid2], [t1].[address] [address], (select count(*) [dbo].[ord] [t2] [t2].[cid] = [t0].[cid]) [value] [dbo].[customer] [t0] left outer join [dbo].[ord] [t1] on [t1].[cid] = [t0].[cid] order [t0].[cid], [t1].[oid] i want understand how rid of count(*) part. it's entirely uncalled for! linq needs count(*) in order determine number of entries returned o = c.ord.tolist() .
Read more