2

We're creating an independent Angular web page for password maintenance that will be called from all of our external applications that have logins. When changing a password, we want to pass in the user's login to pre-populate the field on the change password form. We also want to pass in a URL to return to when done. Is there any way to pass these values to the Angular app other then adding the to the URL (as route parameters or query parms)? We'd rather these values didn't appear in the URL.

Thought about forms but don't think would work because they're designed for the client app to post data to the server - not for the client app to received data - don't think Angular has a way to examine the active route for forms data.

Chuck Bevitt
  • 535
  • 4
  • 13
  • this question may be helpful : https://stackoverflow.com/questions/44456508/passing-data-to-router-angular-2 – Mohamed Ali RACHID Oct 08 '19 at 23:31
  • 2
    Umm... just curious, in the context of security, why would you want to retrieve a _password_ (i.e. in plaintext) and especially, pre-populate a field (i.e. displaying it out)? If a user has forgotten a password, then the old password is as good as gone/dead/useless. If the user is in logged in state and wants to change password, wouldn't providing 3 fields, current password, new password and repeat new password be sufficient? – terahertz Oct 09 '19 at 01:04
  • We'd only pass IN the users's login ID to pre-populate the field. If they change their password, the requested new password they enter transmits to our server. If they've forgotten their login, they enter their email and we send it to them. If they've forgotten their password, they enter their login and email address; we create a new temporary password that we email to them. – Chuck Bevitt Oct 13 '19 at 20:09

2 Answers2

0

You can pass data through a service https://angularfirebase.com/lessons/sharing-data-between-angular-components-four-methods/

PENG ZHU
  • 275
  • 2
  • 6
0

After doing some research, the idea of passing input parameters from one Angular UI app to another in the HTTP request body isn't practical, especially if you want to do so by a simple anchor link displayed in the first app. Still we didn't want the parameters nakedly displayed in the URL, so what we came up with is for the calling app to embed the parameters in a JSON string then use btoa() to encode the JSON string as Base64. Then we pass this as a querystring parameter like: http://....?Data=ksldjoisdosidfjsdf... The called app simply grabs the single querystring parameter and reverses the process to come up with an object containing all the passed parameters.

Note that this is really only for appearance, not encryption. Trying to encrypt data that would be unencrypted by the browser would be very hard to secure since the user can access anything happening in the browser with ordinary development tools.

Chuck Bevitt
  • 535
  • 4
  • 13