Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
Pavel Talaiko2018-05-27 14:31:55
Angular
Pavel Talaiko, 2018-05-27 14:31:55

Angular 5 JWT where to store user roles? How to check?

It is necessary to differentiate access to the view (button admin panel). So that the roles are not stored in localStorage, as in many tutorials.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
I
Ivan Stroykin, 2018-05-27
@jsdevel

There are several options. But no matter what method you use, everything on the front can be transferred under itself, and open the same inaccessible buttons that do not fit the role. Therefore, you always need to check on the back.
Of the options, this is storage in cookies, globally in the service, in the right places, make a request for back and receive permission or prohibition. The most important thing is never to transfer the list of roles. Nobody needs to know what roles exist.
You can write a directive like:

Directive for displaying elements in the interface depending on the role
@Directive({ selector: '[hasRole]' })
export class HasRoleDirective implements OnInit {
  @Input() hasRole: string[] | string | undefined;

  constructor(private _viewContainer: ViewContainerRef,
              private _template: TemplateRef<any>) {
  }

  ngOnInit(): void {
    this._checkRoles(GlobalService.userRole);
  }

  private _checkRoles(userRole: string): void {
    if (!this.hasRole || this.hasRole === 'undefined' || this.hasRole.indexOf(userRole) !== -1) {
      this._viewContainer.createEmbeddedView(this._template);
    } else {
      this._viewContainer.clear();
    }
  }
}

You can rewrite this directive for yourself. That is, when opening the page, make a request to the backend to receive permission / prohibition to view elements and, using this directive, placed on certain elements, control the display

Report
D
Dasha Tsiklauri, 2018-05-27
@dasha_programmist

store it in the store (ngrx-store), when you start the application, you read the JWT token and: in the token itself, a list of roles or make a request and then push it all to the store

Similar questions
A
Abc Edc2016-01-25 09:59:39
How to properly loop mock requests in angular tests? 0Reply
S
Samat2021-09-09 19:13:06
How to clear user cache in angular app? 1Reply
C
coldunox2018-06-07 10:12:33
How to create a table filter? 2Reply
A
Alexander Mikhailenko2018-06-08 16:59:43
Why cookies are not set on post request in Angular 5? 2Reply
T
tonx922018-06-09 06:33:16
Angular 2+ Why doesn't parent component see EventEmitter .emit()? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question