如何实施安全防范
如何实施安全防范
提问于 2018-09-19 10:45:00
我想实施两名警卫。不允许未经授权的用户访问某些页面。第二条不允许授权用户对页面进行“登录”和“注册”。但两者的工作都不正确。
一个不应该允许未经授权的用户的守卫,相反,让所有的人一排排。不应该在授权页面上启动的守卫将打开页面。我做错了什么?
路线:
import { Routes } from '@angular/router';
import { SignUpComponent } from './app/login/sign-up/sign-up.component';
import { SignInComponent } from './app/login/sign-in/sign-in.component';
import { ChatRoomComponent } from './app/layout/chat-room/chat-room.component';
import { PreventLoggedInAccess } from './app/shared/guards/prevent-logged-in.access';
import { AuthGuard } from './app/shared/guards/auth.guard';
export const appRoutes: Routes = [
{ path: '', redirectTo: 'chat', pathMatch: 'full'},
{ path: 'sign-up', component: SignUpComponent, canActivate: [PreventLoggedInAccess] },
{ path: 'sign-in', component: SignInComponent, canActivate: [PreventLoggedInAccess] },
{ path: 'chat', component: ChatRoomComponent, canActivate: [AuthGuard] }
];auth.guard.ts:
import { Injectable } from '@angular/core';
import { CanActivate, Router } from "@angular/router";
import { AuthService } from "../../services/auth.service";
@Injectable()
export class AuthGuard implements CanActivate {
constructor(private authService:AuthService,
private router:Router){}
canActivate() {
if(this.authService.authUser()){
return true;
}else{
this.router.navigate(['/sign-in']);
return false;
}
}
} 防止-登录.访问:
import { Injectable } from '@angular/core';
import { CanActivate } from '@angular/router';
import { AuthService } from "../../services/auth.service";
@Injectable()
export class PreventLoggedInAccess implements CanActivate {
constructor(
private authService:AuthService
) {}
canActivate() {
return !this.authService.authUser();
}
} 作者服务:
import { Injectable } from '@angular/core';
import { Router } from '@angular/router';
import { AngularFireAuth } from 'angularfire2/auth';
import { AngularFireDatabase } from 'angularfire2/database';
import * as firebase from 'firebase/app';
import { Observable } from 'rxjs/Observable';
import { User } from '../models/user.model';
@Injectable()
export class AuthService {
private user: Observable<firebase.User>;
private authState: any;
constructor(private dbAuth: AngularFireAuth,
private db: AngularFireDatabase,
private router: Router) {
this.user = dbAuth.authState;
}
authUser() {
return this.user;
}
....
}回答 1
Stack Overflow用户
回答已采纳
发布于 2018-09-19 12:05:07
canActivate方法需要返回布尔值,以拒绝或允许权限,因此您必须更新canActivate的返回类型,如下面的authservice:
import { Injectable } from '@angular/core';
import { Router } from '@angular/router';
import { AngularFireAuth } from 'angularfire2/auth';
import { AngularFireDatabase } from 'angularfire2/database';
import * as firebase from 'firebase/app';
import { Observable } from 'rxjs/Observable';
import { User } from '../models/user.model';
@Injectable()
export class AuthService {
private user: Observable<firebase.User>;
private authState: any;
private returnValue:any;
constructor(private dbAuth: AngularFireAuth,
private db: AngularFireDatabase,
private router: Router) {
this.user = dbAuth.authState;
this.user.subscribe(result=>{
this.returnValue=result;
});
}
authUser() {
return this.returnValue;
}
}防止-登录.访问:
import { Injectable } from '@angular/core';
import { CanActivate } from '@angular/router';
import { AuthService } from "../../services/auth.service";
@Injectable()
export class PreventLoggedInAccess implements CanActivate {
constructor(
private authService:AuthService
) {}
canActivate() {
if(this.authService.authUser()){
return false;
}
else{
return true;
}
}
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/52404046
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号