fixes #4505

parent e55d20cb
......@@ -10,6 +10,11 @@
Sign in</button>
</form>
</div>
<div class="col-sm-6 col-md-4 col-md-offset-4">
<div class="alert alert-warning" role="alert"><span class="glyphicon glyphicon-info-sign"></span>
Username and password are filled in by default.
</div>
</div>
</div>
</div>
......@@ -19,6 +24,4 @@
Contact: {{user.email}}
</div>
</div>
{{rejection}}
......@@ -20,6 +20,10 @@ var archivingPortalClient = angular.module('archivingPortalClient',
'archivingPortalClient.projectService'
]);
archivingPortalClient.run(function ($rootScope) {
$rootScope.portalApiUrl = "http://localhost:8080/";
});
/**
* Define all routes, partials and controllers in the application.
* Every new "place" has to be added here for Angular to pick up on it.
......@@ -28,12 +32,12 @@ archivingPortalClient.config(['$routeProvider', function($routeProvider) {
$routeProvider.when('/', {
templateUrl: 'partials/main.html',
controller: MainController,
controller: MainController
});
$routeProvider.when('/project', {
templateUrl: 'partials/project.html',
controller: ProjectController,
controller: ProjectController
});
$routeProvider.otherwise({
......@@ -46,7 +50,7 @@ archivingPortalClient.config(['$routeProvider', function($routeProvider) {
* Redirect to login if 401 is returned by the service.
* A 401 means no access, and it is neccessary to re-authenticate.
*/
archivingPortalClient.factory('authHttpResponseInterceptor',['$q','$location','$log' ,function($q, $location, $log){
archivingPortalClient.factory('authHttpResponseInterceptor',['$q','$location','$log', '$rootScope' ,function($q, $location, $log, $rootScope){
return {
response: function(response){
if (response.status === 401) {
......@@ -57,8 +61,8 @@ archivingPortalClient.factory('authHttpResponseInterceptor',['$q','$location','$
},
responseError: function(rejection) {
if (rejection.status === 401) {
$log.error("Response Error 401 @ ", rejection);
$location.path('/').search('returnTo', $location.path());
$log.error(rejection);
$location.path('/');
}
return $q.reject(rejection);
......@@ -89,24 +93,16 @@ archivingPortalClient.config(['$httpProvider',function($httpProvider) {
});
}]);
archivingPortalClient.run(function ($rootScope) {
$rootScope.portalApiUrl = "http://localhost:8080/";
});
/**
* Intercept all requests.
* All requests will have their header modified with the Oauth2 access_token if
* one is available in the $rootScope. Note that this scope resets on page refresh.
*/
archivingPortalClient.run(['$rootScope', '$injector', 'LoginService', function($rootScope, $injector, LoginService) {
LoginService.save({username: 'admin', password: 'password'}, function(data) {
$rootScope.oauth = data;
});
archivingPortalClient.run(['$rootScope', '$injector', 'TokenService', '$log', function($rootScope, $injector, TokenService) {
$injector.get("$http").defaults.transformRequest = function(data, headersGetter) {
if($rootScope.oauth) {
headersGetter()['Authorization'] = "Bearer " + $rootScope.oauth.access_token;
if(TokenService.getToken()) {
headersGetter()['Authorization'] = "Bearer " + TokenService.getToken();
}
if(data) {
return angular.toJson(data);
......
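Review bot: The `transformRequest` in the last `run` block adds `Authorization: Bearer …` to every `$http` request whenever `TokenService.getToken()` returns a value, with no check on where the request is going, so the token would also accompany template fetches and any call to a host other than `$rootScope.portalApiUrl`. `transformRequest` only receives the data and a headers getter, not the URL, so the destination check belongs in a `request` handler on the interceptor, where `config.url` is available. Separately, `'$log'` was added to that `run` block's annotation array but the function still takes only three parameters. The body of the `run` block continues past the end of this hunk.

```javascript
// in the authHttpResponseInterceptor factory, with TokenService added to its dependencies
request: function(config) {
    var accessToken = TokenService.getToken();
    // Attach the bearer token only to calls aimed at the portal API.
    if (accessToken && config.url.indexOf($rootScope.portalApiUrl) === 0) {
        config.headers['Authorization'] = "Bearer " + accessToken;
    }
    return config;
},
// … unchanged: response and responseError handlers …
```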
'use strict';
var MainController = function($scope, $log, $http, LoginService, $rootScope, User) {
var MainController = function($scope, User, LoginService, TokenService) {
//Login Form.
$scope.login = {};
// Leave a default username and password while developing.
$scope.login.username = 'user';
$scope.login.password = 'password';
//Run only when logging in.
//No pre defined scoped variables.
$scope.loggedIn = TokenService.isLoggedIn();
$scope.user = User.query();
// Runs when someone clicks "Sign in".
$scope.doLogin = function() {
LoginService.save({username: $scope.login.username, password: $scope.login.password}, function(data) {
$rootScope.oauth = data;
$scope.loggedIn = $rootScope.oauth;
$scope.user = User.query();
TokenService.setToken(data);
$scope.loggedIn = TokenService.getToken();
$scope.user = User.query(); //Set up for first time use. When returning, it will fire from the normal scope.
});
};
};
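Review bot: In `doLogin`, `$scope.loggedIn = TokenService.getToken();` puts the raw access token on the scope, while the controller's initialisation a few lines earlier sets the same flag from `TokenService.isLoggedIn()`; using `$scope.loggedIn = TokenService.isLoggedIn();` in the callback keeps the flag a boolean and keeps the bearer token out of anything a template can bind to. The `LoginService.save` call has no error callback, so a rejected login leaves the form with no feedback. The prefilled `'user'` / `'password'` values are described as development-only in the comment, but nothing visible here prevents them from shipping; I would at least add `// TODO: remove default credentials before release` above them, or load them from a dev-only configuration.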
......@@ -22,3 +22,38 @@ loginService.factory('LoginService', function ($resource, $http) {
}
});
});
/**
* Simple factory to contain token information.
* The incapsulation performed here has absolutely zero real world implications
* in regards to security, but it just feels good to pretend we are working with
* actual objects and abstracting it away from the global scope is a win.
*/
loginService.factory('TokenService', function() {
var token = {};
// Set a new JWT
token.setToken = function(atoken) {
token = atoken;
};
// Get the access_token
token.getToken = function() {
return token.access_token;
};
// Get the refresh_token. Useful for expired session.
// TODO: Consider removing refresh_token's from the backend all together...
token.getRefreshToken = function() {
return token.refresh_token;
};
// Dirty check to see if a user is logged in.
token.isLoggedIn = function() {
return !!token.hasOwnProperty("access_token");
};
return token;
});
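Review bot: `setToken` reassigns the same `token` variable that holds the service object, so after the first login the closure points at the login response instead of the service; it keeps working only because every method reads the closure variable rather than `this`. A later `setToken(null)` or `setToken(undefined)`, for instance to clear the session after a 401, would make `getToken` and `isLoggedIn` throw. `isLoggedIn` also calls `hasOwnProperty` directly on whatever object the login response deserialised to, and the `!!` in front of it is redundant. Keeping the token in its own variable that defaults to `{}` and using `Object.prototype.hasOwnProperty.call` avoids both problems without changing the service's interface.

```javascript
loginService.factory('TokenService', function() {
    // Token state lives in its own variable; the service object is never replaced.
    var current = {};
    var service = {};
    service.setToken = function(atoken) {
        current = atoken || {};
    };
    service.getToken = function() {
        return current.access_token;
    };
    service.getRefreshToken = function() {
        return current.refresh_token;
    };
    service.isLoggedIn = function() {
        return Object.prototype.hasOwnProperty.call(current, "access_token");
    };
    return service;
});
```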