Commit ffe25c643cb1534952312debe55f89777cc4e9b4
1 parent
1dbb3af3
Exists in
master
and in
8 other branches
Add initial auth service
Showing
9 changed files
with
298 additions
and
8 deletions
Show diff stats
| ... | ... | @@ -0,0 +1,135 @@ |
| 1 | +(function() { | |
| 2 | + 'use strict'; | |
| 3 | + | |
| 4 | + angular | |
| 5 | + .module('dialoga') | |
| 6 | + .factory('Session', Session) | |
| 7 | + .factory('AuthService', AuthService) | |
| 8 | + .factory('AuthInterceptor', AuthInterceptor); | |
| 9 | + | |
| 10 | + /** @ngInject */ | |
| 11 | + function AuthService($http, $rootScope, Session, AUTH_EVENTS, api, $log) { | |
| 12 | + | |
| 13 | + var service = { | |
| 14 | + login: login, | |
| 15 | + logout: logout, | |
| 16 | + isAuthenticated: isAuthenticated, | |
| 17 | + isAuthorized: isAuthorized | |
| 18 | + }; | |
| 19 | + | |
| 20 | + $log.debug('AuthService', service); | |
| 21 | + return service; | |
| 22 | + | |
| 23 | + function login (credentials) { | |
| 24 | + var url = api.host + 'login'; | |
| 25 | + var encodedData = 'login=' + credentials.username + '&password=' + credentials.password; | |
| 26 | + | |
| 27 | + return $http | |
| 28 | + .post(url, encodedData) | |
| 29 | + .then(function(response) { | |
| 30 | + $log.debug('AuthService.login [SUCCESS] response', response); | |
| 31 | + | |
| 32 | + var currentUser = Session.create(response.data); | |
| 33 | + | |
| 34 | + $rootScope.$broadcast(AUTH_EVENTS.loginSuccess, currentUser); | |
| 35 | + return currentUser; | |
| 36 | + }, function(response) { | |
| 37 | + $log.debug('AuthService.login [FAIL] response', response); | |
| 38 | + $rootScope.$broadcast(AUTH_EVENTS.loginFailed); | |
| 39 | + }); | |
| 40 | + } | |
| 41 | + | |
| 42 | + function logout () { | |
| 43 | + Session.destroy(); | |
| 44 | + } | |
| 45 | + | |
| 46 | + function isAuthenticated () { | |
| 47 | + return !!Session.userId; | |
| 48 | + } | |
| 49 | + | |
| 50 | + function isAuthorized (authorizedRoles) { | |
| 51 | + if (!angular.isArray(authorizedRoles)) { | |
| 52 | + authorizedRoles = [authorizedRoles]; | |
| 53 | + } | |
| 54 | + | |
| 55 | + return (service.isAuthenticated() && authorizedRoles.indexOf(Session.userRole) !== -1); | |
| 56 | + } | |
| 57 | + } | |
| 58 | + | |
| 59 | + /** @ngInject */ | |
| 60 | + function Session($cookies, $log) { | |
| 61 | + | |
| 62 | + var service = {}; | |
| 63 | + | |
| 64 | + var currentUser = $cookies.getObject('currentUser') || {}; | |
| 65 | + | |
| 66 | + service.create = function(data) { | |
| 67 | + | |
| 68 | + currentUser.id = data.id; | |
| 69 | + currentUser.email = data.email; | |
| 70 | + currentUser.login = data.login; | |
| 71 | + currentUser.permissions = data.permissions; | |
| 72 | + currentUser.person = data.person; | |
| 73 | + currentUser.private_token = data.private_token; | |
| 74 | + currentUser.activated = data.activated; | |
| 75 | + | |
| 76 | + $cookies.putObject('currentUser', currentUser); | |
| 77 | + | |
| 78 | + $log.debug('User session created.', currentUser); | |
| 79 | + return currentUser; | |
| 80 | + }; | |
| 81 | + | |
| 82 | + service.destroy = function() { | |
| 83 | + | |
| 84 | + currentUser = {}; | |
| 85 | + | |
| 86 | + $cookies.remove('currentUser'); | |
| 87 | + | |
| 88 | + $log.debug('User session destroyed.'); | |
| 89 | + }; | |
| 90 | + | |
| 91 | + service.getCurrentUser = function () { | |
| 92 | + return currentUser; | |
| 93 | + }; | |
| 94 | + | |
| 95 | + return service; | |
| 96 | + } | |
| 97 | + | |
| 98 | + /** @ngInject */ | |
| 99 | + function AuthInterceptor ($rootScope, $q, AUTH_EVENTS) { | |
| 100 | + return { | |
| 101 | + responseError: function(response) { | |
| 102 | + $rootScope.$broadcast({ | |
| 103 | + 401: AUTH_EVENTS.notAuthenticated, | |
| 104 | + 403: AUTH_EVENTS.notAuthorized, | |
| 105 | + 419: AUTH_EVENTS.sessionTimeout, | |
| 106 | + 440: AUTH_EVENTS.sessionTimeout | |
| 107 | + }[response.status], response); | |
| 108 | + return $q.reject(response); | |
| 109 | + } | |
| 110 | + }; | |
| 111 | + } | |
| 112 | + | |
| 113 | + /** @ngInject */ | |
| 114 | + function AuthResolver($q, $rootScope, $state){ | |
| 115 | + return { | |
| 116 | + resolve: function () { | |
| 117 | + var deferred = $q.defer(); | |
| 118 | + var unwatch = $rootScope.$watch('currentUser', function (currentUser) { | |
| 119 | + if (angular.isDefined(currentUser)) { | |
| 120 | + if (currentUser) { | |
| 121 | + deferred.resolve(currentUser); | |
| 122 | + } else { | |
| 123 | + deferred.reject(); | |
| 124 | + // TODO: too many responsibilities? | |
| 125 | + $state.go('login'); | |
| 126 | + } | |
| 127 | + unwatch(); | |
| 128 | + } | |
| 129 | + }); | |
| 130 | + return deferred.promise; | |
| 131 | + } | |
| 132 | + }; | |
| 133 | + } | |
| 134 | + | |
| 135 | +})(); | ... | ... |
src/app/index.config.js
| ... | ... | @@ -3,14 +3,38 @@ |
| 3 | 3 | |
| 4 | 4 | angular |
| 5 | 5 | .module('dialoga') |
| 6 | + .config(configAuthInterceptor) | |
| 6 | 7 | .config(config); |
| 7 | 8 | |
| 8 | 9 | /** @ngInject */ |
| 10 | + function configAuthInterceptor ($httpProvider){ | |
| 11 | + | |
| 12 | + //Reset headers to avoid OPTIONS request (aka preflight) | |
| 13 | + $httpProvider.defaults.headers.common = {}; | |
| 14 | + $httpProvider.defaults.headers.post = {}; | |
| 15 | + $httpProvider.defaults.headers.put = {}; | |
| 16 | + $httpProvider.defaults.headers.patch = {}; | |
| 17 | + | |
| 18 | + // $httpProvider.defaults.useXDomain = true; | |
| 19 | + // $httpProvider.defaults.headers.common = {Accept: 'application/json, text/plain, */*'}; | |
| 20 | + // $httpProvider.defaults.headers.post = {'Content-Type': "application/json;charset=utf-8"}; | |
| 21 | + $httpProvider.defaults.headers.post = {'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'}; | |
| 22 | + // $httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = '*'; | |
| 23 | + | |
| 24 | + $httpProvider.interceptors.push([ | |
| 25 | + '$injector', | |
| 26 | + function ($injector) { | |
| 27 | + return $injector.get('AuthInterceptor'); | |
| 28 | + } | |
| 29 | + ]); | |
| 30 | + | |
| 31 | + } | |
| 32 | + | |
| 33 | + /** @ngInject */ | |
| 9 | 34 | function config($logProvider) { |
| 35 | + | |
| 10 | 36 | // Enable log |
| 11 | 37 | $logProvider.debugEnabled(true); |
| 12 | - | |
| 13 | - // Set options third-party lib | |
| 14 | 38 | } |
| 15 | 39 | |
| 16 | 40 | })(); | ... | ... |
src/app/index.constants.js
| ... | ... | @@ -6,11 +6,26 @@ |
| 6 | 6 | .module('dialoga') |
| 7 | 7 | .constant('api', { |
| 8 | 8 | token: null, |
| 9 | - host: 'http://login.dialoga.gov.br/api/v1/', | |
| 9 | + // host: 'http://login.dialoga.gov.br/api/v1/', | |
| 10 | + host: 'http://www.participa.br/api/v1/', | |
| 10 | 11 | articleId: { |
| 11 | 12 | home: 103358 |
| 12 | 13 | } |
| 13 | 14 | }) |
| 15 | + .constant('AUTH_EVENTS', { | |
| 16 | + loginSuccess: 'auth-login-success', | |
| 17 | + loginFailed: 'auth-login-failed', | |
| 18 | + logoutSuccess: 'auth-logout-success', | |
| 19 | + sessionTimeout: 'auth-session-timeout', | |
| 20 | + notAuthenticated: 'auth-not-authenticated', | |
| 21 | + notAuthorized: 'auth-not-authorized' | |
| 22 | + }) | |
| 23 | + .constant('USER_ROLES', { | |
| 24 | + all: '*', | |
| 25 | + admin: 'admin', | |
| 26 | + restrict: 'restrict', | |
| 27 | + visitor: 'visitor' | |
| 28 | + }) | |
| 14 | 29 | .constant('Modernizr', window.Modernizr) |
| 15 | 30 | .constant('jQuery', window.jQuery) |
| 16 | 31 | // .constant('key', value) | ... | ... |
src/app/index.route.js
| ... | ... | @@ -20,6 +20,18 @@ |
| 20 | 20 | 'footer': { templateUrl: 'app/partials/footer/footer.html' } |
| 21 | 21 | } |
| 22 | 22 | }) |
| 23 | + .state('login', { | |
| 24 | + url: '/login', | |
| 25 | + views: { | |
| 26 | + 'header': { templateUrl: 'app/partials/header/header.html' }, | |
| 27 | + 'main': { | |
| 28 | + templateUrl: 'app/partials/login/login.html', | |
| 29 | + controller: 'LoginController', | |
| 30 | + controllerAs: 'login' | |
| 31 | + }, | |
| 32 | + 'footer': { templateUrl: 'app/partials/footer/footer.html' } | |
| 33 | + } | |
| 34 | + }) | |
| 23 | 35 | .state('programas', { |
| 24 | 36 | url: '/programas', |
| 25 | 37 | views: { | ... | ... |
src/app/index.run.js
| ... | ... | @@ -4,12 +4,40 @@ |
| 4 | 4 | |
| 5 | 5 | angular |
| 6 | 6 | .module('dialoga') |
| 7 | - .run(handleAccessibility) | |
| 7 | + .run(runAuth) | |
| 8 | + .run(runAccessibility) | |
| 8 | 9 | .run(runBlock); |
| 9 | 10 | |
| 10 | 11 | /** @ngInject */ |
| 11 | - function handleAccessibility($rootScope, $timeout, $cookies, $log) { | |
| 12 | - $log.debug('handleAccessibility'); | |
| 12 | + function runAuth($rootScope, $cookies, USER_ROLES, AUTH_EVENTS, AuthService, $log){ | |
| 13 | + | |
| 14 | + // Listner url/state changes, and check permission | |
| 15 | + $rootScope.$on('$stateChangeStart', function (event, next) { | |
| 16 | + if(!next.data || !next.data.authorizedRoles){ | |
| 17 | + $log.debug('public url/state'); | |
| 18 | + return; | |
| 19 | + } | |
| 20 | + | |
| 21 | + var authorizedRoles = next.data.authorizedRoles; | |
| 22 | + if (!AuthService.isAuthorized(authorizedRoles)) { | |
| 23 | + event.preventDefault(); | |
| 24 | + if (AuthService.isAuthenticated()) { | |
| 25 | + // user is not allowed | |
| 26 | + $log.debug('user is not allowed'); | |
| 27 | + $rootScope.$broadcast(AUTH_EVENTS.notAuthorized); | |
| 28 | + } else { | |
| 29 | + // user is not logged in | |
| 30 | + $log.debug('user is not logged in'); | |
| 31 | + $rootScope.$broadcast(AUTH_EVENTS.notAuthenticated); | |
| 32 | + } | |
| 33 | + } | |
| 34 | + }); | |
| 35 | + | |
| 36 | + $log.debug('runAuth end.'); | |
| 37 | + } | |
| 38 | + | |
| 39 | + /** @ngInject */ | |
| 40 | + function runAccessibility($rootScope, $timeout, $cookies, $log) { | |
| 13 | 41 | |
| 14 | 42 | var contrast = $cookies.get('dialoga_contraste') === "true"; |
| 15 | 43 | adjustContrast(contrast); |
| ... | ... | @@ -40,11 +68,13 @@ |
| 40 | 68 | $log.warn('role="main" not found.'); |
| 41 | 69 | } |
| 42 | 70 | }; |
| 71 | + | |
| 72 | + $log.debug('runAccessibility end.'); | |
| 43 | 73 | } |
| 44 | 74 | |
| 45 | 75 | /** @ngInject */ |
| 46 | 76 | function runBlock($log) { |
| 47 | - $log.debug('runBlock'); | |
| 77 | + $log.debug('runBlock end.'); | |
| 48 | 78 | } |
| 49 | 79 | |
| 50 | 80 | })(); | ... | ... |
| ... | ... | @@ -0,0 +1,44 @@ |
| 1 | +(function() { | |
| 2 | + 'use strict'; | |
| 3 | + | |
| 4 | + angular | |
| 5 | + .module('dialoga') | |
| 6 | + .controller('LoginController', LoginController); | |
| 7 | + | |
| 8 | + /** @ngInject */ | |
| 9 | + function LoginController($rootScope, AUTH_EVENTS, AuthService, Session, $log) { | |
| 10 | + $log.debug('LoginController'); | |
| 11 | + | |
| 12 | + var vm = this; | |
| 13 | + | |
| 14 | + vm.$rootScope = $rootScope; | |
| 15 | + vm.AUTH_EVENTS = AUTH_EVENTS; | |
| 16 | + vm.AuthService = AuthService; | |
| 17 | + vm.Session = Session; | |
| 18 | + vm.$log = $log; | |
| 19 | + | |
| 20 | + vm.init(); | |
| 21 | + } | |
| 22 | + | |
| 23 | + LoginController.prototype.init = function() { | |
| 24 | + var vm = this; | |
| 25 | + | |
| 26 | + // init variables | |
| 27 | + vm.credentials = {}; | |
| 28 | + | |
| 29 | + // attach events | |
| 30 | + | |
| 31 | + // ... | |
| 32 | + }; | |
| 33 | + | |
| 34 | + LoginController.prototype.login = function(credentials) { | |
| 35 | + var vm = this; | |
| 36 | + | |
| 37 | + vm.AuthService.login(credentials).then(function(user) { | |
| 38 | + // handle view | |
| 39 | + }, function() { | |
| 40 | + // handle view | |
| 41 | + }); | |
| 42 | + }; | |
| 43 | + | |
| 44 | +})(); | ... | ... |
| ... | ... | @@ -0,0 +1,30 @@ |
| 1 | +<article class="container" role="main"> | |
| 2 | + | |
| 3 | + <div class="col-sm-6 col-sm-offset-3"> | |
| 4 | + <form name="loginForm" ng-submit="login.login(login.credentials)"> | |
| 5 | + | |
| 6 | + <h2>Por favor, identifique-se:</h2> | |
| 7 | + | |
| 8 | + <div class="form-group"> | |
| 9 | + <label for="inputUsername" class="sr-only">E-mail:</label> | |
| 10 | + <div class="input-group"> | |
| 11 | + <div class="input-group-addon"><span class="glyphicon glyphicon-user"></span></div> | |
| 12 | + <input type="text" id="inputUsername" class="form-control" placeholder="E-mail" required="" autofocus="" ng-model="login.credentials.username"> | |
| 13 | + </div> | |
| 14 | + </div> | |
| 15 | + | |
| 16 | + <div class="form-group"> | |
| 17 | + <label for="inputPassword" class="sr-only">Senha:</label> | |
| 18 | + <div class="input-group"> | |
| 19 | + <div class="input-group-addon"><span class="glyphicon glyphicon-lock"></span></div> | |
| 20 | + <input type="password" id="inputPassword" class="form-control" placeholder="Senha" required="" ng-model="login.credentials.password"> | |
| 21 | + </div> | |
| 22 | + </div> | |
| 23 | + | |
| 24 | + <div class="form-group"> | |
| 25 | + <button class="btn btn-lg btn-primary btn-block" type="submit">Entrar</button> | |
| 26 | + </div> | |
| 27 | + </form> | |
| 28 | + </div> | |
| 29 | + | |
| 30 | +</article> | ... | ... |
src/favicon.ico
No preview for this file type
src/index.html
| ... | ... | @@ -5,7 +5,7 @@ |
| 5 | 5 | <!--[if gt IE 8]><!--> <html class="no-js" lang="pt-br" ng-app="dialoga"> <!--<![endif]--> |
| 6 | 6 | <head> |
| 7 | 7 | <meta charset="utf-8"> |
| 8 | - <title>dialoga</title> | |
| 8 | + <title>Dialoga Brasil</title> | |
| 9 | 9 | <meta name="description" content=""> |
| 10 | 10 | <meta name="viewport" content="width=device-width"> |
| 11 | 11 | <!-- Place favicon.ico and apple-touch-icon.png in the root directory --> | ... | ... |