我有一个应用程序,我有一个认证Guard设置,以确保用户无法访问应用程序,除非它们已经登录,像这样参数传递到警戒角2
import { Injectable } from '@angular/core';
import {
CanActivate, Router,
ActivatedRouteSnapshot,
RouterStateSnapshot,
CanActivateChild } from '@angular/router';
import { AuthContext } from './auth-context.service';
@Injectable()
export class AuthGuard implements CanActivate {
constructor(private router: Router, private authContext: AuthContext) { }
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
// Check to see if a user has a valid JWT
if (this.authContext.userInfo !== undefined && this.authContext.userInfo.isAuthenticated) {
// If they do, return true and allow the user to load the home component
return true;
}
// If not, they redirect them to the login page
this.router.navigate(['/login']);
return false;
}
canActivateChild(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
return this.canActivate(route, state);
}
}
我想补充另一个后卫授权将检查用户是否处于特定角色。目前,我正在根据此角色隐藏导航中的链接。
<div *ngIf="userInRole('Admin')">
This is secret stuff
</div>
但是,如果用户知道路由,他们可以将其插入到url中。我如何将我的“userInRole()”类型的功能添加到Guard?我将不得不通过角色名称并执行代码检查。卫兵支持参数吗?
有一对夫妇在这里的解决方案: http://stackoverflow.com/问题/ 42719445 /传递参数到路由后卫 – rook