Easy to use route authorization provider for Angular
npm install route-auth
Then use browserify or another packaging tool and
require( "route-auth" )
When creating your main angular module, include
vokal.RouteAuth in the list of included modules, e.g.
Add a resolve to a route like so:
The array of strings passed to RouteAuth.auth are the permissions that are allowable for the route
Somewhere else in your code, such as after authentication, you need to tell RouteAuth what roles the
current user has, if any. This looks like
RouteAuth.storeRoles( [ "role1", "role2", "etc" ] ).
By default roles are stored with local storage. To clear the store call
RouteAuth.storeRoles(  ).
Security: Because roles are stored in plain text in local or session storage where they can be directly edited, this route authorization does not replace in any way authorization on the server side.
The following methods can be called on the
RouteAuth service once injected into your Angular code.
Load the user's roles from localStorage, or set them as an empty list if there are no roles in localStorage.
Overwrite the user's current roles with
newRoles| Array | the new user roles to be set
newRole to the existing set of roles
newRole| String | the new user role to add
Check to see if the user has any of the roles in
checkRoles| Array | the list of roles to check for
true if the user has any of the roles in
Check to see if the user has no roles.
true if user has no set roles, otherwise
Returns a promise, which is resolved if the user has one of the
allowedRoles. Otherwise, the promise is rejected.
allowedRoles| Array | list of acceptable roles
options| Object | optional parameters for this function
redirectPath| String | path to redirect to should the user not have one of the allowed roles
Angular Promise | will resolve if user has one of the roles in
allowedRoles. Otherwise, will be rejected.
Migrate roles to a new storage medium. For example, if a user chooses not to have their session persisted after login you might use
swapStorage( window.sessionStorage ) before or even after the login completes. To use a custom storage location such as cookies, the interface of
newMedium should expose
removeItem() methods that work the same was as in the Web Storage API.