Login and Authentication With Angular 6

Login and Authentication With Angular 6

Every application need some some sort of authentication. In this tutorial we are going to create a simple login page. If the login is successful, the user could see home page, Login and Authentication With Angular 6

Every application need some some sort of authentication. In this tutorial we are going to create a simple login page. If the login is successful, the user could see home page. If the login is not successful, then you would stay in login page. This tutorial is for understanding what we need to consider and it is the simplest way. You need to do more than this in production environment.

There is three aspect in each login:

1- Getting Token from server and storing it.

2- Use the stored token in order to access restricted APIs.

3- Guard restricted pages

Getting token from server and storing it

This step is very simple. All you have to do is to create a form, send the data to server, get the token and storing it. We use localstorage for storing our token.

First we need to create an authentication service.

ng generate service auth

And you change the authService file like this:

import {Injectable} from '@angular/core';
import {HttpClient, HttpHeaders} from '@angular/common/http';
import {Observable, of} from 'rxjs';
import {catchError, tap} from 'rxjs/internal/operators';
const httpOptions = {
    headers: new HttpHeaders({'Content-Type': 'application/json'})
};
@Injectable({
    providedIn: 'root'
})
export class AuthService {
    private url = '/login/';
    constructor(private http: HttpClient) {
    }
    login(data): Observable<any> {
        return this.http.post<any>(this.url, data, httpOptions).pipe(
            tap((result) => this.save_token(result)),
            catchError(this.handleError<any>('login'))
        );
    }
    private handleError<T>(operation = 'operation', result?: T) {
        return (error: any): Observable<T> => {
            return of(result as T);
        };
    }
    private save_token(data) {
        if (data.success) {
            localStorage.setItem('token', data.token);
            return;
        }
    }
}

We have a constructor and three function in this service. The constructor is responsible to initiate the httpClient. In login method, we create a post request with the data that is provided by our component. We then send this request to the server (with /login url) and get the response. Login method needs to return an observable. We use pipe and tap in order to achieve this.

Pipe is set to chain some operations and return an observable that is result of all the operations. The tap method is responsible to perform an action on the result and returns an observable that is identical to the source. We use tap to save the token.

In save_token function if the result of login is successful, then we save the token in to the localStorage. After that the tap method sends returns the result observable. The catchError method is responsible to handle error. Our handleError does pretty much nothing.

Then we create a login component. In this component we create a form that gets the data from user and send it to the service

ng generate component login

And the component should look like this:

import {Component, OnInit} from '@angular/core';
import {NgForm} from '@angular/forms';
import {Router} from '@angular/router';
import {AuthService} from '../auth.service';

@Component({
    selector: 'app-login',
    templateUrl: './login.component.html',
    styleUrls: ['./login.component.css']
})
export class LoginComponent implements OnInit {

    constructor(public authService: AuthService, public router: Router) {
    }

    data = {username: '', password: ''};

    ngOnInit() {
    }

    goTo(path): void {
        this.router.navigateByUrl(path);
    }

    login(form: NgForm): void {
        this.authService.login(form.value)
            .subscribe(result => {
                if (result.success) {
                    this.goTo('home');
                }
            });
    }

}

The login function gets the form info and send it to authService (which is initiated in constructor). If the result is successful to goTo function redirects to home page.

Using the stored token in order to access restricted APIs

Now we have a token saved in our token in our localstorage, we need to use this token in order to access restricted APIs. To do so we can create an http interceptor. By default your application uses default angular http interceptor. In order to change that, we need to go to app.module.ts file and change this part:

providers: [
    {
        provide: ErrorHandler,
        useClass: CustomErrorsHandler
    },
    {
        provide: HTTP_INTERCEPTORS,
        useClass: CustomHttpInterceptor, // change this line with your custom http interceptor
        multi: true
    }
],

Then create a file named custom-http-interceptor.ts and fill it as follow:

import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs/Observable';
import { Router } from '@angular/router';

@Injectable()
export class CustomHttpInterceptor implements HttpInterceptor {
    constructor(private router: Router) { }
    intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {


        let obj = JSON.parse(localStorage.getItem('token')

        if (obj != null) {
            req = req.clone({
                setHeaders: { 'Authorization': obj.value }
            });
        }
        else {
            if (req.url != 'login') {
                this.router.navigate(['login']);
                return;
            }
        }
        return next.handle(req);
    }
}

In this file we create a class named CustomHttpInterceptor and we override function intercept. First we check if there is any token saved in localstorage. if there is, we send this token with url with appropriate header (In this case ‘Authorization’), if it is not, we check if the requested url needs token or not. if it doesn’t we send the request with no token.

Guard restricted pages

So far we have saved our token in localstorage and we also managed to send this token with every request. Now we need to limit users to access specific pages if they are not allowed. To do that we can use in canActivate our routing file. First we add canActivate method to our authService.

canActivate(): boolean {
const token = localStorage.getItem('token');
    if (token == null)   {
        this.router.navigate(['login']);
        return false;
    }
    return true;
}

In this method we check if the token is available or not. If so, we return true otherwise we return false.

Then in our routing module (app.routing.module.ts) we change routes as follow:

const routes: Routes = [
    {path: '', redirectTo: '/login', pathMatch: 'full'},
    {
        path: 'home', component: HomeComponent,
        canActivate: [AuthService] // <- this line is added
    },
    {path: 'login', component: LoginComponent},
];

With canActivate property, we check whether the home component is accessible by user or not.

Conclusion

This tutorial is extremely simplified and its only purpose is for you to see all the aspects in one place. It is not suitable for the production environment. Security concerns such as plain text passwords are not considered. You can do a lot of things to improve it. For example you can use angular-jwtin order to check token’s validity. Regardless of that I believe a simple big picture on what needs to be done and in what place it should be is important. Hope this would help you.

Angular 6 (formerly Angular 2) - The Complete Guide

Learn Angular 2 from Beginner to Advanced

Angular 2 Firebase - Build a Web App with Typescript

Angular 2 Demystified

angular angular.js

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Install Angular - Angular Environment Setup Process

Install Angular in easy step by step process. Firstly Install Node.js & npm, then Install Angular CLI, Create workspace and Deploy your App.

Angular Charts: How To Add Charts In Angular 9 Example

To use charts in Angular, we will use the chart.js library to construct the charts. We will fake the backend server for data and display it on charts.

Basics of Angular: Part-1

What is Angular? What it does? How we implement it in a project? So, here are some basics of angular to let you learn more about angular. Angular is a Typesc

What are the best alternatives for angular js?

<img src="https://moriohcdn.b-cdn.net/193902114c.png">There are numerous frameworks and libraries used across the globe. If not angular, there are platforms like React, Vue, Aurelia and so on for app development.

Angular 8 Node & Express JS File Upload

In this Angular 8 and Node.js tutorial, we are going to look at how to upload files on the Node server. To create Angular image upload component, we will be using Angular 8 front-end framework along with ng2-file-upload NPM package; It’s an easy to use Angular directives for uploading the files.