asp.net - Security for an AngularJs + ServiceStack App -

-

i have application have 4 modules in front end, i'm trying use as possible angularjs in front end i'm using empty website asp.net project host files , rest servicestack, project have kind of following structure:

~/ (web.config, global.asax , out of box structure asp.net website) - app <-  angularjs      - users  <-  js controllers , views (static html files)     - companies     - backend     - public     index.html     indexctrl.js     app.js - content - js

i use angularjs service calls , backend i'm using rest servicestack.

the question how can restrict access authenticated users static html files? let's ones inside inside companies, backend , users example

hi after doing research solution worked me:

  1. install razor markdown nuget
  2. change file structure match default behavior rm [razor markdown] /views
  3. modify web config following approach described in this service stack example
  4. change static htmls files .cshtml files, default creates same route without extension /views/{pagename} without extension, i'm using approach authorization logic simpler implement (at least me)
  5. update service method authorize attribute can find out more in page

to illustrate lit of bit more route definition in far:

'use strict'; angular.module('myapp', ['myapp.directives', 'myapp.services']).config(     ['$routeprovider', function($routeprovider) {         $routeprovider.when('/dashboard', {             controller: 'dashboardctrl',             templateurl: 'views/dashboard'             }).when('/payments', {             controller: 'paymentsctrl',             templateurl: 'views/payments'         }).             when('/login', {                 controller: 'loginctrl',                 templateurl: 'views/login'             });     }]  );

notice references pointed razor paths.

this small menu i've done in angular

<div class="container">    <div class="navbar" ng-controller="indexctrl">     <div class="navbar-inner">       <a class="brand" href="#/">header menu</a>       <ul class="nav">          <li ng-class="{active: routeis('/dashboard')}"><a href="#/dashboard">dashboard</a></li>          <li ng-class="{active: routeis('/login')}"><a href="#/login">login</a></li>          <li ng-class="{active: routeis('/payments')}"><a href="#/payments">payments</a></li>       </ul>     </div>   </div>     <ng-view></ng-view>  </div>

let's payments page restricted, every time click on page 401 unauthorized message.

service host:

 public override void configure(container container)         {               plugins.add(new authfeature(() => new authusersession(), new iauthprovider[] {                 new facebookauthprovider(appsettings),                  new twitterauthprovider(appsettings),                  new basicauthprovider(appsettings),                  new googleopenidoauthprovider(appsettings),                 new credentialsauthprovider()             })); //i'm going support social auth well.              plugins.add(new registrationfeature());              routes.add<userrequest>("/api/user/{id}");             routes.add<loginrequest>("/api/user/login","post");             routes.add<paymentrequest>("/views/payments");           }

i hope helps


Comments

Post a Comment

Popular posts from this blog

c++ - Creating new partition disk winapi -

-
i'am trying create new partition , mount volume new, thought createfile let me this, code : lpctstr lpfilename=l"\\\\.\\device\\harddisk0\\partition3"; handle handl=createfile( lpfilename, generic_read | generic_write, file_share_read | file_share_write, null, create_always, file_attribute_normal, null ); if (handl==invalid_handle_value) { qdebug()<<"handl invalid"<<" error"<<getlasterror();} bool success = definedosdevice(ddd_raw_target_path,l"i:",l"\\device\\harddisk0\\partition3"); if(!success) qdebug()<<" definedosdevice failed "<<getlasterror(); bflag = getvolumenameforvolumemountpoint( l"i:\\", // input volume mount point or directory /** u in dir
Read more

Android Prevent Bluetooth Pairing Dialog -

-
i'm developing internal application uses bluetooth printing. want bluetooth pairing occur without user input. have managed working trapping android.bluetooth.device.action.pairing_request broadcast. in broadcast receiver call setpin method, , pairing works ok, bluetoothpairingdialog displayed second or two, disappears - see link below. https://github.com/android/platform_packages_apps_settings/blob/master/src/com/android/settings/bluetooth/bluetoothpairingdialog.java since broadcast non-ordered, can't call abortbroadcast() , , wondering if there other way prevent pairing dialog appearing. can hook window manager in way? i haven't been able come way without modifying sdk. if you're oem, it's easy (i'm on 4.3): in packages/apps/settings/androidmanifest.xml, comment intent filter pairing dialog: <activity android:name=".bluetooth.bluetoothpairingdialog" android:label="@string/bluetooth_pairing_request"
Read more

php - joomla get content in onBeforeCompileHead function -

-
i'm developing joomla system plugin. need add javascript , css files if [myshortcode] shortcode found in content. how can content in onbeforecompilehead function function onbeforecompilehead() { $document = jfactory::getdocument(); //add scripts if shortcode found ... $document->addstylesheet($cssfile, 'text/css', null, array()); the $content = jresponse::getbody(); not work. thanks try this, for style sheet, $document = jfactory::getdocument(); $document->addstylesheet('http://domain.com/templates/css/style.css'); for javascript file $document = jfactory::getdocument(); $document->addscript('full url'); also can this, $document = jfactory::getdocument(); // add javascript $document->addscriptdeclaration(' window.event("domready", function() { alert("an inline javascript declaration"); }); '); // add styles $style = 'body {'
Read more