0

I'm using Angular 1.6.4, Express 4.15.2 and express-session. I am trying to catch if the user is unauthorized to access a certain route by checking the existence of req.session.user parameter. If he's not, I'd like to send a 401 response status and change the state in Angular.

The problem is that I am not getting any response object to check the status of. I have tried using an interceptor, logging out error.response.body, logging out everything really to find out where it is that I'm losing the response object.

Here's some code, any help would be greatly appreciated!

express:

app.get('/update', sessionCheck, function(req, res) {
  res.send('session');
});

function sessionCheck(req, res, next){
    if(req.session.user) {
      next();
    } else {
      console.log('before');
      return res.status(401).send('Unauthorized');
      console.log('after');
    }
}

angular:

.state('update', {
  url: '/update',
   views: {
    "": {
      templateUrl: 'templates/update.html',
      controller: function($http) {
        return $http.get('/update').then(function(response) {
          console.log('Ok response' + response);
        }, function(error) {
          console.log('Error response' + error.response.body);
        });
      },
    },
    "carousel": {
      templateUrl: "templates/carousel.html"
    },
    "footer": {
      templateUrl: "templates/footer.html"
    }
  }
})

network screen

amamagen
  • 1
  • 1
  • what do you see in your networks tab request? – mehulmpt Aug 05 '17 at 14:15
  • @mehulmpt added link with a screen to the post – amamagen Aug 05 '17 at 14:23
  • you are getting correct response. You are sending 401 unauthorized in your nodejs code for unauthorized users so it shows up that way in your networks tab – mehulmpt Aug 05 '17 at 14:31
  • @mehulmpt alright, but in the controller I can't access the response object to set a condition like (response.status == 401). Is there any way around that? – amamagen Aug 05 '17 at 14:48

1 Answers1

0

Have you tried to do this using an interceptor?

You can try in this way: 

anyModule.service('yourInterceptor', function($q) {
var service = this;

service.responseError = function(response) {
    if (response.status == 401){
        //do something
    }
    return $q.reject(response);
};

})

Note that here we are dealing with responseError.

You need to register you interceptor too in a config function:

$httpProvider.interceptors.push('yourInterceptor');

You can see this for more information about this interceptor:

Capture HTTP 401 with Angular.js interceptor

UPDATE:

You can register an interceptor in this way too: 

app.factory("YourInterceptor", ["$q", "$rootScope", "$location",
function($q, $rootScope, $location) {
    var success = function(response) {
        //do something
        return response;
    },
    error = function(response) {
        if(response.status === 401) {
                // do something
        }

        return $q.reject(response); //reject on error
    };

    return function(httpPromise) {
        return httpPromise.then(success, error);
    };
}

Then you register your interceptor in this way (in a config of the module):

$httpProvider.responseInterceptors.push("YourInterceptor");

Note that you push the interceptor in responseInterceptors. This work to me.

L. Figueredo
  • 278
  • 2
  • 11
  • I have. With no condition inside, just console.log('string'). Works on other routes, but on this one nothing shows up. – amamagen Aug 05 '17 at 15:02
  • You can try replace the 'responseError' with 'response' and see what is logged in your interceptor. Note that if you do this with 'response' you can't just reject all promises. – L. Figueredo Aug 05 '17 at 15:22
  • `angular.module('app.providers') .service('authInterceptor', [ '$q', '$injector', '$location', function($q, $injector, $location) { return { request: function(config) { console.log('1'); return config; }, requestError: function(config) { console.log('2'); return config; }, response: function(res) { console.log('3'); return res; }, responseError: function(res) { console.log('4'); return res; } } }])` Gives me nothing on '/update'. – amamagen Aug 05 '17 at 18:05
  • Just to be sure, are you pushing this provider to the $httpProvider? You must do this in a config function of your module. I edited the response with another solution. – L. Figueredo Aug 05 '17 at 18:40