-1

I'm using angular-permission library along with ui-router and satellizer.

Following is the state definition for home. In that I'm checking whether user is authorized using angular-permission.

$stateProvider.state('500', home);
var home = {
  abstract: true,
  url: '/home',
  data: {
    permissions: {
      only: ['loggedin',],
      redirectTo: {
        loggedin: 'login',
      },
    }
  },
  templateUrl: 'components/home/home.view.html',
  controller: 'HomeCtrl as home'
};

Following is the permission definition for loggedin

PermPermissionStore.definePermission('loggedin', isAuthenticated);

function isAuthenticated(permissionName, transitionProperties) {
  // check if token is valid.
  if ($auth.isAuthenticated()) {
    return true;
  }
  // if not then refresh token
  return tokenRestService.refresh().then(
    function (response) {
      if (response != null) {
        $auth.setToken(response);
      }
    },
    function (response) {
      localStorage.removeItem('user');
    }
  );
}

But somewhat it is not working when I'm doing asynchronous call. If I change isAuthenticated function as follow, then it is working properly, but I need to refresh token if in case token is expired, otherwise, redirect user to login page.

function isAuthenticated(permissionName, transitionProperties) {
  if ($auth.isAuthenticated()) {
    return true;
  }
  return false;
}

From the doc of angular-permission:

Sometimes you will need to call some a back-end api or do some other asynchronous task to check if permission is still valid. For that you can use promises and simply return them from validation function:

PermPermissionStore
  // Define user permission calling back-end
  .definePermission('hasValidSession', /*@ngInject*/function (Session) {
    // Let's assume that Session service calls backend API via $http and return promise:
    // -- $q.resolve() means that session is active 
    // -- $q.reject() means that session expired
    return Session.checkSession();
  });

But when I use a service in the definePermission, it simply goes through without any redirection.

Sadhu
  • 59
  • 9

1 Answers1

2

Follow the documentation:

 -- $q.resolve() means that session is active 
 -- $q.reject() means that session expired

Return either resolved or rejected promises to the .then method:

PermPermissionStore.definePermission('loggedin', isAuthenticated);

function isAuthenticated(permissionName, transitionProperties) {
  // check if token is valid.
  if ($auth.isAuthenticated()) {
    return true;
  }
  // if not then refresh token
  return tokenRestService.refresh().then(
    function (response) {
      if (response != null) {
        $auth.setToken(response);
      }
      return $q.resolve();
    },
    function (response) {
      localStorage.removeItem('user');
      return $q.reject();
    }
  );
}
georgeawg
  • 48,608
  • 13
  • 72
  • 95
  • Isn't it `$http` returns a promise. So do I have to return `$q.resolve()` and `$q.reject()` manually? – Sadhu Feb 27 '19 at 10:26
  • The `.then` method *returns a new promise* which is resolved or rejected via the **return value** of the `successCallback`, `errorCallback` (unless that value is a promise, in which case it is resolved with the value which is resolved in that promise using [promise chaining](http://www.html5rocks.com/en/tutorials/es6/promises/#toc-promises-queues)). See [You're Missing the Point of Promises](https://blog.domenic.me/youre-missing-the-point-of-promises/). – georgeawg Feb 27 '19 at 13:10