3

I have two roles in my REST back-end (built with Spring):

ROLE_USER, ROLE_ADMIN

When I log in, the REST API returns a valid token. Then I set it in the local storage like this:

localStorage.setItem('currentUser', JSON.stringify({username: username, token: token}));

And when I need it I get it like this:

localStorage.getItem('currentUser');

So far so good. When I get my token how do I get the payload and the claims in it?

I want to show the admin panel if you are an admin.

Teodor Dimitrov

3 Answers

2
jwtHelper.decodeToken($scope.jwt)

See https://github.com/auth0/angular-jwt and https://github.com/auth0/angular2-jwt

An example: https://github.com/auth0-blog/angularjs-jwt-authentication-tutorial/blob/8841ad5d7cb034506d2e3e6840db6202e6969b7a/frontend/home/home.js#L16

StanislavL
0

It is very difficult to identify the user role based on the token. Better to add a new flag like IS_ROLE_USER, IS_ROLE_ADMIN and check the current user role based on that flag. Or else use Spring Boot Security. It might help you.

0

The other answers covered the Spring part of your question, so I'm going to focus my answer on the Angular part.

You can use a directive to show/hide the admin panel like so:

<admin-component *ngIf="user.isAdmin"></admin-component>
Kloranthy
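Added example (not code from any of the posts above): reading the claims out of the stored token without a library, and deriving the flag that the `*ngIf` in the last answer checks. The function names and the `roles` claim name are assumptions; use whatever claim your Spring back-end actually puts in the token.

```javascript
// Added example. Decoding a JWT is not verifying it: the signature is not
// checked here, so the result may only decide what the UI shows. The Spring
// back-end must still authorize every admin request on its own.

function b64urlToText(segment) {
  let b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  b64 += '='.repeat((4 - (b64.length % 4)) % 4); // restore stripped padding
  const binary = typeof atob === 'function'
    ? atob(b64) : Buffer.from(b64, 'base64').toString('binary');
  // Treat the bytes as UTF-8 so non-ASCII claim values decode correctly.
  return new TextDecoder().decode(Uint8Array.from(binary, c => c.charCodeAt(0)));
}

// Returns the payload claims as an object, or null for anything malformed.
function decodeClaims(token) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return null;
  try {
    const claims = JSON.parse(b64urlToText(parts[1]));
    return claims && typeof claims === 'object' && !Array.isArray(claims) ? claims : null;
  } catch (e) {
    return null;
  }
}

// Reads the token stored as in the question: {"username": ..., "token": ...}.
function storedToken(storage) {
  try { return JSON.parse(storage.getItem('currentUser')).token; } catch (e) { return null; }
}

// Assumption: roles are in a "roles" array claim; adjust to your token layout.
function isAdmin(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const claims = decodeClaims(token);
  if (!claims) return false;
  if (typeof claims.exp === 'number' && claims.exp <= nowSeconds) return false; // expired
  return Array.isArray(claims.roles) && claims.roles.includes('ROLE_ADMIN');
}

// Builds a constructed, unsigned sample token for trying the functions above.
function makeSampleToken(payload) {
  const enc = obj => {
    const s = JSON.stringify(obj);
    const b64 = typeof btoa === 'function' ? btoa(s) : Buffer.from(s, 'binary').toString('base64');
    return b64.replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  };
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}.constructed-signature`;
}
```

In a component, `user.isAdmin` can be set from `isAdmin(storedToken(localStorage))`. Anyone can edit the token in local storage and make the panel appear, which is why the admin endpoints themselves have to check the role server-side.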