Bastien Donjon

Développeur web à Bordeaux

Thursday

24

April 2014

0

COMMENTS

Basic authentification with AngularJs and Laravel

Written by , Posted in Javascript, PHP

Here’s a simple solution to install basic authentication system with AngularJs.

This is a subject that is not much developed. Probably because of the different authentication methods and functional needs.

For me I needed:
– Authentication Required
– To authenticate the user on my RESTful API
– Not to send the user name and password to each request
– Not to make cross-domain
– To have a persistent connection (F5 or close browser window)
– To block access to the application if the authentication server is lost

Laravel configuration

route.php
// Route with basic authentification and custom method
Route::group(
    [ 'before' => 'auth.basicCustom' ], function () {
        // User authenticate with sesssion
        Route::post('authenticate', function(){
            echo 'ok';
        });
    }
);

// Logout current user
Route::get('/logout', function(){
    Auth::logout();
});

// Check state of current user authentification
Route::get('/guest', function(){
    if(Auth::guest()){
        throw new \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException('x-Basic')
    }else{
        echo 'ok';
    }
});

filters.php

Route::filter(
    'auth.basicCustom', function () {
        $credentials = [ 'email' => Request::getUser(), 'password' => Request::getPassword() ];

        if (!Auth::check()) {
            if (!Auth::once($credentials)) {
                throw new \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException('x-Basic');
            }
        }
    }
);

Configuration AngularJs

app.js

angular.module('App', [
    'LocalStorageModule',
    'authServices'
  ])

  .config(['$httpProvider' ,
    function ($httpProvider) {

      /* -- Add your routes or states -- */

      // Authentification provider
      $httpProvider.interceptors.push('authInterceptor');
  }]);

authInterceptor.js

'use strict';

/**
 * Authentification Services
 */
angular.module('authServices', [])

  /**
   * Add callback after/befor http request
   */
  .factory('authInterceptor', ['$rootScope', '$q', '$window', 'localStorageService',
      function ($rootScope, $q, $window, localStorageService) {
        return {

          /**
           * Before request
           * @param config
           * @returns {*}
           */
          request: function (config) {
            config.headers = config.headers || {};
            return config;
          },

          /**
           * After success request
           * @param response
           * @returns {*|Promise}
           */
          response: function (response) {
            return response || $q.when(response);
          },

          /**
           * After error request
           * @param rejection
           * @returns {Promise}
           */
          responseError: function (rejection) {
            localStorageService.add('authenticate', false);
            $rootScope.authenticate = false;
            return $q.reject(rejection);
          }
        };
    }]);

userController.js

angular.module('App')

  .controller('UserCtrl', ['$rootScope', '$scope', '$http', '$window', 'localStorageService',
    function ($rootScope, $scope, $http, $window, localStorageService) {
      $scope.submit = function () {
        $http
          .post('/api/authenticate', {}, {
            // Forcage du type d'authentification
            headers: {
              Authorization : 'Basic ' + btoa($scope.user.username + ":" + $scope.user.password)
            }
          })
          .success(function (data, status, headers, config) {
            localStorageService.add('authenticate', true);
            $rootScope.authenticate = true;
            // Suppression des informations utilisation pour ne pas les garder en claire dans le scope
            delete $scope.user;
          })
          .error(function (data, status, headers, config) {
            localStorageService.add('authenticate', false);
            $rootScope.authenticate = false;
          });
      };
  }]);

directives.js

'use strict';

angular.module('App')
  .directive('ngLogin', function () {
    return {
      restrict: 'E',
      templateUrl: 'partials/login.html'
    };
  });

login.html

<div id="login-wrapper">
    <table>
        <tbody>
            <tr>
                <td>
                    <form id="login-form" role="form">
                        <div class="form-group"><a id="login-logo" href="#/"><img alt="Chilican" src="/images/logo.png" /></a></div>
                        <div class="form-group">
                              <label for="userEmail">Adresse email</label>
                              <input class="form-control" id="userEmail" type="email" name="user" placeholder="ex : email@domain.com" />
                        </div>
                        <div class="form-group">
                              <label for="userPassword">Mot de passe</label>
                              <input class="form-control" id="userPassword" type="password" name="pass" />
                        </div>
                        <button class="btn btn-default" type="submit">Se connecter</button></form>
                 </td>
             </tr>
       </tbody>
   </table>
</div>

sources :