2

I'm building a project using Node.js and AngularJS. Some of the views and operations in my project require authorization.

In ASP.NET I used to simply save the user-id or user object in the Session when the user's credentials are correct, then in every Page and operation I would check if the user has permissions, and if not I would use Response.Redirect. So simple!

Now I use Node.js and AngularJS which are maybe the most popular combination for building websites nowadays and I would expect to have a very simple and quick way (even of a third party) to implement authorization, just like in ASP.NET.

Unfortunately I've only found a bunch of implementation examples that contain a myriad of code lines and turn me into an information security expert who knows about things like token and etc. Here are some of the articles I've found:

Best practices for authentication and authorization in Angular without breaking RESTful principles?

http://frederiknakstad.com/2013/01/21/authentication-in-single-page-applications-with-angular-js/

https://www.theodo.fr/blog/2015/08/handling-basic-route-authorization-in-angularjs/

http://code.tutsplus.com/tutorials/token-based-authentication-with-angularjs-nodejs--cms-22543

http://www.kdelemme.com/2014/03/09/authentication-with-angularjs-and-a-node-js-rest-api/

Is there any simple way to implement authentication+authorization+routing to unauthorized page without writing so many lines of code?

Any help will be profoundly appreciated!

Community
  • 1
  • 1
Alon
  • 10,381
  • 23
  • 88
  • 152
  • MeteorJS is a node based framework with insanely easy-to-setup authentication and support for angular on the front end. www.meteor.com – Julian Mann Jan 22 '16 at 22:42
  • @Julian Mann thank you. I've read about Meteor and it seems like it does the job. Since I havn't gotten any better solution, please rewrite this as an answer and I will mark it as the correct answer. – Alon Jan 26 '16 at 14:50

2 Answers2

2

MeteorJS is a node based framework with a drop-in authentication system. It also has first class support for AngularJS on the front-end.

You would first add the relevant accounts and UI packages on the command line. 

meteor add accounts-password
meteor add dotansimha:accounts-ui-angular

You could also add OAuth provider packages such as accounts-facebook or accounts-google.

Then in your template you add a the login-buttons directive. 

<login-buttons></login-buttons>

It then handles account creation, login, forgot passwords etc. It also provides hooks so you can add fields and values on account creation.

Here is a link to the authentication section of the Meteor/Angular ToDo tutorial.

Community
  • 1
  • 1
Julian Mann
  • 6,256
  • 5
  • 31
  • 43
1

nodejs modules and jsonwebtoken, passport, passport-local passport local for local strategy and passport for authenticate and jsonwebtoken for create authentication token

Chandra Kant Paliwal
  • 121
  • 9