Implement CanActivate route guard in Angular – Auth Guard

-

 

Implement CanActivate route guard in Angular  – Auth Guard



Angular allows us to protect routes with guards. An angular Route guard is a way of protecting navigation by allowing or denying a route based on the condition we supply. The most commonly used angular route guard types are CanActivate and CanDeactivate. Angular has several guard interfaces that allow us to mediate navigation to and from a route.

Different types of Angular auth guard in Angular

ng g guard my-new-guard guard-type

CanActivate: Checks to see if we can visit a route based on condition.


First, you need to create a route guard. Run the following command in your terminal to generate a guard service:

ng g guard admin/admin


Two src/app/admin/admin.guard.spec.ts and src/app/admin/admin.guard.ts files will be generated. Open the src/app/admin/admin.guard.ts file, you should see the following code:


import { Injectable } from '@angular/core';

import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';

import { Observable } from 'rxjs';


@Injectable({

  providedIn: 'root'

})

export class AdminGuard implements CanActivate {

  canActivate(

    next: ActivatedRouteSnapshot,

    state: RouterStateSnapshot): Observable<boolean> | Promise<boolean> | boolean {

    return true;

  }

}


Guard is simply a service that implements the CanActivate interface and overrides the canActivate() method.


Let's change the method to only allow access if the user is logged in. First, you need to import AuthService and inject it via the AdminGuard service and next you need to call the isLoggedIn property in the canActivate() method to check if the user is logged in and return true or false;


import { Injectable } from '@angular/core';

import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot, Router, UrlTree } from '@angular/router';

import { Observable } from 'rxjs';

import { AuthService } from './auth/auth.service';


@Injectable({

  providedIn: 'root'

})

export class AdminGuard implements CanActivate {

  constructor(private authService: AuthService, private router: Router)

  {}

  canActivate(

    next: ActivatedRouteSnapshot,

    state: RouterStateSnapshot): Observable<boolean> | Promise<boolean> | boolean | UrlTree {

    if(this.authService.isLoggedIn){

      return true;

    }

    else{

      return this.router.parseUrl("/admin/login");

    }


  }

}



The canActivate() method will return true if the user is logged in or false otherwise.

The canActivate() method is passed many arguments which makes it easy to detrmine if the guard needs to allow or disallow access to certain route(s):

  1. next: ActivatedRouteSnapshotwhich is the next route that will be activated if the guard is allowing access,
  2. state: RouterStateSnapshotwhich is the next router state if the guard is allowing access.

Applying the Angular Guard



Now, you need to apply the guard to the routes you need to protect using the canActivate property of the path object. Open the src/app/admin/admin-routing.module.ts file and update it accordingly:

import { NgModule } from '@angular/core';
import { Routes, RouterModule } from '@angular/router';

import { ProjectComponent } from './project/project.component';
import { ProjectListComponent } from './project-list/project-list.component';
 
import { LoginComponent } from './login/login.component';
import { AdminGuard } from  './admin.guard';

const routes: Routes = [
    {
        path: 'project-dashboard',
        component: ProjectComponent,
        children: [
            {
                path: 'list',
                component: ProjectListComponent,
                canActivate: [AdminGuard]
            }
            { 
                path: 'login', 
                component: LoginComponent 
            }
        ]
    }
];


@NgModule({
  imports: [RouterModule.forChild(routes)],
  exports: [RouterModule]
})
export class AdminRoutingModule { }


Now, go to your application, if you visit any protected route without logging in you will be redirected to the /admin/login route where you can login.

Comments

Post a Comment

Popular posts from this blog

Angular Best Practices and Coding Standards: A Guide for Developers

-
Image
  Angular Best Practices and Coding Standards: A Guide for Developers Angular, a powerful and widely used front-end framework, empowers developers to build robust and scalable web applications. However, harnessing its full potential requires adherence to best practices and coding standards. In this blog, we'll explore essential Angular best practices and coding standards to help developers write clean, maintainable, and efficient code. 1. Follow the Angular Style Guide: Angular provides an official style guide that outlines conventions for formatting, naming, and organizing code. Adhering to this guide ensures consistency across projects and enhances collaboration among developers. 2. Module Organization: Feature Modules: Organize your application into feature modules based on functionality. Aim for a flat structure with a dedicated module for each feature. Shared Module: Create a shared module for components, directives, and pipes used across multiple modules. Import the shared mo...
Read more

Route Web Server Request to App server through proxy

-
Image
 Route Web Server Request to App server through proxy Step 1 – Download and install required dependency on IIS Server  Application Request Routing Module Download URL: - https://www.microsoft.com/en-us/download/details.aspx?id=47333  URL Rewrite Module Download URL: - https://www.microsoft.com/en-in/download/details.aspx?id=7435 Step 2 – Configure ARR as a Forward Proxy  To enable ARR as a proxy, and to create a URL Rewrite rule to enable ARR as a forward proxy, proceed as follows:  1. Open Internet Information Services (IIS) Manager.  2. In the Connections pane, select the server.  3. In the server pane, double-click Application Request Routing Cache 4. In the Actions pane, click Server Proxy Settings. 5. On the Application Request Routing page, select Enable proxy. 6. In the Actions pane, click Apply. This enables ARR as a proxy at the server level. 7. To start the process of turning ARR into a forward proxy, click on the server node in the Connections pane ...
Read more

Top 7 ways to use Interceptors in Angular

-
  Top 7 ways to use Interceptors in Angular It Intercepts and handles an HttpRequest or HttpResponse. Most interceptors convert the outgoing request before passing it on to the next interceptor in the chain. Handle (transformed rake). An interceptor can also alter the response event stream by applying additional RxJS operators to the stream returned by the next.take care (). An interceptor may rarely fully handle the request and create a new event stream instead of invoking nextHandle(). This is acceptable behavior, but be aware that further interceptors will be skipped altogether. interface HttpInterceptor {     intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>>   }   It is rare but valid for an interceptor to return multiple responses on the event stream for a single request. 1. Authentication And first on the list is authentication! It is just so fundamental for many applications that we have a pro...
Read more