Is it possible to generate temporary URL or route using angular and ui-router?

Question

As the question title says, is it possible to generate a temporary URL using ui-router that routes to a view which displays data of a patient without showing patient ids or any identifying information in the URL? The link should be generated when a button is clicked. In other words, a url with random characters like www.example.com/xuye9039j23l. Once this URL is viewed and processed (say save button is clicked, then the URL can't be used again). Can someone give me a logic on how this can be made possible? I guess it would be somewhat similar to password recovery email in which the link expires once it's clicked. I'm using C# Web API if it is important.

Answer 1

I believe this might be the answer you are looking for: Angular ui router passing data between states without URL

However, I would consider a different strategy if you would like more granularity in control of the accessibility of this report.

Assuming you have a database to work with, perhaps you could create a new database table which might contain the following:

• The ID of the user
• A temporary generated token which will be used for routing to your patient details page
• Perhaps a expiration date/time.

have your button call an API endpoint on your web server which might do the following:

1. Given a users ID and some subset of information, generate a hash of the information (include the ID of the current column as this will ensure uniqueness of the hash for multiple links generated for the same user). This will be the token.
2. Store the hash in your new database table with an expiration date/time.
3. Respond to the web request with the hash/token so you can route to the client details page with the token.

Then, when the user is redirected to the client details page, you can use your back-end (web server) to check for expiration or any other limiting factors you wish to put in place for the accessibility of this page.

Just my thoughts on the matter.

Answer 2

Yes this is possible. It has more to do with your backend code then javascript.

In essence you will need to have a server validate your id, and if it is valid display message. If it is not valid return 400 or something and tell them they have an invalid id. You will need to persist the Id to a datastore with some sort of time/use column saying if it is valid or not.

I will give a WebAPI example.

app.controller('myCtrl', function($scope,$stateParams,patientService) {
    if($stateParams.id != undefined)
     {
         patientService.Get($stateParams.id).then(function(success){
         $scope.Data = success;
       },
        function(error)
       {
        //redirect or display cannot use this url message
         }
      });
}

WebAPI

public HttpResponseMessage Get(string id)
{
     //use business logic to validate ID
     //if Id is valid return cool data

     if (isValid(id))
     {
          return  request.CreateResponse(HttpStatusCode.OK,data);
      }
   return  request.CreateResponse(HttpStatusCode.BadRequest);
}