@ngx-auth/core
Advanced tools
JWT authentication utility for Angular & Angular Universal
Please support this project by simply putting a Github star. Share this library with friends on Twitter and everywhere else you can.
@ngx-auth/core is a basic JWT-based authentication utility used for logging in and out of the Angular application
and restrict unauthenticated access from accessing restricted routes.
AuthModule to use AuthStaticLoaderYou can install @ngx-auth/core using npm
npm install @ngx-auth/core --save
@ngx-auth/core.The following package(s) have no dependency for @ngx-auth/core, however may provide supplementary/shorthand functionality:
@ngx-auth/core to your project (SystemJS)Add map for @ngx-auth/core in your systemjs.config
'@ngx-auth/core': 'node_modules/@ngx-auth/core/bundles/core.umd.min.js'
Import AuthGuard using the mapping '@ngx-auth/core' and append canActivate: [AuthGuard] or canActivateChild: [AuthGuard]
properties to the route definitions at app.routes (considering the app.routes is the route definitions in Angular application).
...
import { AuthGuard } from '@ngx-auth/core';
...
export const routes: Routes = [
{
path: '',
children: [
{
path: 'home',
component: HomeComponent
},
{
path: 'account',
children: [
{
path: 'profile',
component: ProfileComponent
},
{
path: 'change-password',
component: ChangePasswordComponent
}
],
canActivateChild: [AuthGuard]
},
{
path: 'purchases',
component: PurchasesComponent,
canActivate: [AuthGuard]
},
{
path: 'login',
component: LoginComponent
}
]
},
...
];
Import AuthModule using the mapping '@ngx-auth/core' and append AuthModule.forRoot({...}) within the imports property
of app.module (considering the app.module is the core module in Angular application).
You can call the forRoot static method using AuthStaticLoader. By default, it is configured to have no settings.
You can customize this behavior (and ofc other settings) by supplying auth settings to
AuthStaticLoader.
The following examples show the use of an exported function (instead of an inline function) for AoT compilation.
AuthModule to use AuthStaticLoader...
import { AuthModule, AuthLoader, AuthStaticLoader } from '@ngx-auth/core';
...
export function authFactory(): AuthLoader {
return new AuthStaticLoader({
backend: {
endpoint: '/api/authenticate',
params: []
},
storage: localStorage,
storageKey: 'currentUser',
loginRoute: ['login'],
defaultUrl: ''
});
}
@NgModule({
declarations: [
AppComponent,
...
],
...
imports: [
AuthModule.forRoot({
provide: AuthLoader,
useFactory: (authFactory)
}),
...
],
...
bootstrap: [AppComponent]
})
AuthStaticLoader has one parameter:
AuthSettings : auth settings
Backend : auth backend (by default, using the endpoint '/api/authenticate')any : storage (by default, localStorage)string : storage key (by default, 'currentUser')Array<any> : login route, used to redirect guarded routes (by default, ['login'])string : default URL, used as a fallback route after successful authentication (by default, ''):+1: On it!
@ngx-auth/coreis now ready to perform JWT-based authentication regarding the configuration above.
Note: If your Angular application is performing server-side rendering (Angular Universal), then you should follow the steps explained below.
AuthModule using the mapping '@ngx-auth/core' and append AuthModule.forRoot({...}) within the imports property
of app.browser.module (considering the app.browser.module is the browser module in Angular Universal application)....
import { AuthModule, AuthLoader, AuthStaticLoader } from '@ngx-auth/core';
...
export function authFactory(): AuthLoader {
return new AuthStaticLoader({
backend: {
endpoint: '/api/authenticate',
params: []
},
storage: localStorage,
storageKey: 'currentUser',
loginRoute: ['login'],
defaultUrl: ''
});
}
@NgModule({
declarations: [
AppComponent,
...
],
...
imports: [
AuthModule.forRoot({
provide: AuthLoader,
useFactory: (authFactory)
}),
...
],
...
bootstrap: [AppComponent]
})
AuthModule using the mapping '@ngx-auth/core' and append AuthModule.forServer() within the imports property
of app.server.module (considering the app.server.module is the server module in Angular Universal application)....
import { AuthModule } from '@ngx-auth/core';
...
@NgModule({
declarations: [
AppComponent,
...
],
...
imports: [
AuthModule.forServer(),
...
],
...
bootstrap: [AppComponent]
})
AuthService has the authenticate and invalidate methods:
The authenticate method posts the credentials to the API (configured at the AuthLoader) using the parameters username
and password, and checks the response for a JWT token. If successful, then the authentication response is added
to the storage (configured at the AuthLoader) and the token property of AuthService is set.
That token might be used by other services in the application to set the authorization header of http requests made to secure endpoints.
As the name says, the invalidate method clears the JWT token, flushes the authentication response from the storage,
and redirects to the login page.
The following example shows how to log in and out of the Angular application.
...
import { AuthService } from '@ngx-auth/core';
@Component({
templateUrl: './login.component.html',
styleUrls: ['./login.component.scss']
})
export class LoginComponent {
...
username: string;
password: string;
constructor(private readonly auth: AuthService) {
...
}
login(): void {
this.auth.authenticate(this.username, this.password)
.subscribe(() => {
if (!this.auth.isAuthenticated)
// display warning
});
}
logout(): void {
this.auth.invalidate();
}
}
The MIT License (MIT)
Copyright (c) 2019 Burak Tasci
FAQs
JWT authentication utility for Angular & Angular Universal
The npm package @ngx-auth/core receives a total of 69 weekly downloads. As such, @ngx-auth/core popularity was classified as not popular.
We found that @ngx-auth/core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.
Security News
Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.
Security News
Node.js has paused its bug bounty program after funding ended, removing payouts for vulnerability reports but keeping its security process unchanged.