npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@devon4ng/authorization

v11.0.1

Published

Adds rights-based authorization to your Angular app's routes

Downloads

43

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

sjimenez77sjimenez77rgarciamrgarciamjsrubiojsrubiommatczakmmatczak

Keywords

angularroutersecurityauthorization

Readme

Authorization Module

This devon4ng Angular module adds rights-based authorization to your Angular app. Eager to see how it works? Go to a Stackblitz demo.

Installation

$ npm install @devon4ng/authorization --save

Or you can use yarn:

$ yarn add @devon4ng/authorization

To install the correct vesion for your Angular project please refer to the @devon4ng/authorization versions available.

Usage

Thisdevon4ng Authorization Module mainly focuses on protecting your routes so that they can only be accessed by authorized users (having specific rights).

1. Configure the router

The starting point when setting up this devon4ng Authorization Module is Angular router with routes configured. So let's configure the router first - if you haven't done it yet :), e.g.:

import { BrowserModule } from '@angular/platform-browser';
import { NgModule } from '@angular/core';
import { RouterModule, Routes } from '@angular/router';
import { Dialog1Component } from './components/dialog1.component';
import { Dialog2Component } from './components/dialog2.component';
import { Dialog3Component } from './components/dialog3.component';

const routes: Routes = [
  {
    path: 'dialog1',
    component: Dialog1Component,
  },
  {
    path: 'dialog2',
    component: Dialog2Component,
  },
  {
    path: 'dialog3',
    component: Dialog3Component,
  },
  { path: '', pathMatch: 'full', redirectTo: '/dialog1' },
];

@NgModule({
  declarations: [AppComponent, Dialog1Component, Dialog2Component, Dialog3Component],
  imports: [BrowserModule, RouterModule.forRoot(routes)],
  bootstrap: [AppComponent],
})
export class AppModule {}

2. Import DevonfwAuthorizationModule.forRoot():

Similarly to the RouterModule you have to import DevonfwAuthorizationModule.forRoot() in the root @NgModule of your application.

import {DevonfwAuthorizationModule} from '@devon4ng/authorization';

const routes = ...

@NgModule({
  imports: [
    ...
    RouterModule.forRoot(routes),
    DevonfwAuthorizationModule.forRoot()
  ],
  bootstrap: [AppComponent]
})
export class AppModule { }

3. Configure rights needed to access your routes:

import { AuthorizedRoutes } from '@devon4ng/authorization';

enum Right {
  User,
  Admin,
}

const routes: AuthorizedRoutes<Right> = [
  {
    path: 'dialog1',
    component: Dialog1Component,
    permitAll: true,
  },
  {
    path: 'dialog2',
    component: Dialog2Component,
    authorizeForRight: Right.User,
  },
  {
    path: 'dialog3',
    component: Dialog3Component,
    authorizeForRight: Right.Admin,
  },
  { path: '', pathMatch: 'full', redirectTo: '/dialog1' },
];

Please note that in the above code we replaced the type Routes with the AuthorizedRoutes imported from @devon4ng/authorization. In addition to Routes' properties, the AuthorizedRoutes type provides:

  • the permitAll property which, if set to true, makes a route public
  • the authorizeForRight property which makes a route accessible only for users having the right provided as value
  • the authorizeForRightsOf property which makes a route accessible only for users having all the rights provided as an array

4. Set the AuthorizationGuard on your routes:

In order for the router to protect your routes (according to the configuration provided above) you need to set the AuthorizationGuard on your routes (more on router guards here). The easiest way to do it is to make use of the addAuthorizationGuards function provided by the DevonfwAuthorizationModule:

import {DevonfwAuthorizationModule, addAuthorizationGuards} from '@devon4ng/authorization';

const routes = ...

@NgModule({
  imports: [
    ...
    RouterModule.forRoot(routes),
    DevonfwAuthorizationModule.forRoot()
  ],
  bootstrap: [AppComponent]
})
export class AppModule {
  constructor(router: Router) {
    addAuthorizationGuards(router);
  }
}

The addAuthorizationGuards function traverses the route configuration and sets the AuthorizationGuard on those routes having the path and component properties set.

If you need more control over on which routes the AuthorizationGuard is set, you can:

  • pass a callback function to addAuthorizationGuards (as the 2nd argument):
// add guards to routes having paths and components provided, but having no children
addAuthorizationGuards(router, (route) => route.path != null && route.component && route.children == null);
  • set the AuthorizationGuard manually, in which case you don't need addAuthorizationGuards anymore:
import { AuthorizedRoutes, AuthorizationGuard } from '@devon4ng/authorization';

enum Right {
  User,
  Admin,
}

const routes: AuthorizedRoutes<Right> = [
  {
    path: 'dialog1',
    component: Dialog1Component,
    authorizeForRight: Right.User,
    canActivate: [AuthorizationGuard],
  },
  {
    path: 'dialog2',
    component: Dialog2Component,
    permitAll: true,
    canActivate: [AuthorizationGuard],
  },
  { path: '', pathMatch: 'full', redirectTo: '/dialog1' },
];

4. Provide your IsAuthorized service:

The last piece of the puzzle is to provide a service which can be called by the AuthorizationGuard to find out if the current user is authorized for given rights. The DevonfwAuthorizationModule only provides a dummy service authorizing for any rights requested (AuthorizedForAnyRight).

Let's implement our simple AuthorizationService:

import { IsAuthorized } from '@devon4ng/authorization';
import { Observable, of } from 'rxjs';
import { Injectable } from '@angular/core';

// moved here from the AppModule to avoid a circular dependency
export enum Right {
  User,
  Admin,
}

@Injectable()
export class AuthorizationService implements IsAuthorized<Right> {
  private userRights = [Right.User]; // get the actual rights from your (authorization) server

  isAuthorizedForRightsOf(requiredRights: Right[]): Observable<boolean> {
    if (requiredRights && requiredRights.length > 0) {
      return of(this.userHasAllRightsOf(requiredRights));
    }
    return of(true); // when no required rights...
  }

  private userHasAllRightsOf(requiredRights: Right[]) {
    return requiredRights.reduce(
      (isAuthorized, requiredRight) =>
        isAuthorized ? (this.userRights ? this.userRights.includes(requiredRight) : false) : false,
      true
    );
  }
}

Please note that in real-life scenarios you would request the user rights from your server and cache them for the lifetime of your user session.

Now let's replace the DevonfwAuthorizationModule's dummy implementation with the one implemented above:

import {isAuthorizedInjectionToken} from '@devon4ng/authorization';

@NgModule({
  imports: [
    ...
    RouterModule.forRoot(routes),
    DevonfwAuthorizationModule.forRoot()
  ],
  providers: [{provide: isAuthorizedInjectionToken, useClass: AuthorizationService}]
  bootstrap: [AppComponent]
})
export class AppModule {}

5. Enjoy :)

Now you can try it out! Assuming the DevonfwAuthorizationModule was set up like described above you should be able to access both /dialog1 (because it is configured as a public route) and /dialog2 (because in the AuthorizationService we set user rights to Right.User). Access to /dialog3 will be denied: you will stay at the current route. This is not all about user friendliness :) To change this behavior you can configure the DevonfwAuthorizationModule to navigate to some route when the authorization check fails:

import {DevonfwAuthorizationModule, addAuthorizationGuards} from '@devon4ng/authorization';

const routes: AuthorizedRoutes<Right> = [
  ...
  {
    path: 'access-denied',
    component: AccessDeniedComponent,
    permitAll: true
  }
];

@NgModule({
  imports: [
    ...
    RouterModule.forRoot(routes),
    DevonfwAuthorizationModule.forRoot({urlOnAuthorizationFailure: '/access-denied'})
  ],
  bootstrap: [AppComponent]
})
export class AppModule {
  ...
}

The fully working demo is available on Github and Stackblitz.