Comments (1)
sjimenez77
commented on July 29, 2024
I disagree about your Guards statement. What Guards guarantee is that a specific route in your frontend app is accessible or not depending on some criteria that the developer will specify implementing the proper methods as stated in the Angular documentation https://angular.io/guide/router#milestone-5-route-guards. Removing the Guards in the running code is really challenging and I encourage you to take a look to the generated code in the Chrome Dev Tools in any Angular application in production in order to find out if it is possible to do it. Angular is developed by Google and I can imagine that the security is a critical topic to them.
In this case, a simple tutorial, the developers will develop a canActivate method to find out if the user can or cannot access a particular route.
The mechanism is proved and used in multiple projects, but of course has to be properly aligned and validated with the security mechanisms at backend. For example canActivate could check if the user has a correct JWT or CSRF tokens in browser memory or cache that will be sent automatically in HTTP requests via interceptors. If the user sents a request with an expired or not valid token for example the server will respond with an error and the next canActivate execution will redirect the user to the login form.
Best regards,
Santos
from jump-the-queue.
Related Issues (20)
- "Build your own devon4j application" links to TeamForge Download site with outdated devonfw distribution HOT 1
- devonfw documentation still uses the term OASP in some cases HOT 1
- devon4j installation instructions should make a note on patching HOT 1
- Creating a new application with devcon doesn't work as described and leaves open questions HOT 1
- "Build your own devon4j application" contains links to non-existent wiki pages HOT 1
- "relation between visitor and daily queue" must be "relation between visitor and access code" HOT 1
- Note on error for AccessCodeEntity is outdated HOT 1
- Confusing comment with respect to saving entities HOT 1
- Adding ViewQueue path to Routes is error prone
- authService must be public to allow AoT
- Typo in code snippet of styles of "Adding Google Material and Covalent Teradata"
- How does core.module.ts work?
- Misleading Cobigen value for AccessCode component HOT 1
- Missing sort parameter in pageables of the services
- VisitormanagementTest fails (when following the tutorial documentation)
- Tests fail during Maven install (when following the tutorial documentation)
- Updating multiple times one Entity on DB
- Import modules from @angular/material in core.module.ts doesn't work
- Problems in Wiki Componentes
- CORS configuration
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jump-the-queue.