You're mixing up how you choose to break down your app. On one hand you have a folder for authentication-specific logic, and on the other hand you have a location for the type of variable something is. Honestly, I think you should relocate backendconfig and accesslevels (or maybe just the latter) to your auth module.

I also would recommend putting that index.html io.sails.url tweak into your backendconfig file and not making it JUST the constant, but also handle properly configuring the backend.

I'm just wondering if there is a convenient location to add the user object into the request.

For example, the in isAdmin policy (see https://github.com/tarlepp/angular-sailsjs-boilerplate/blob/master/backend/api/policies/isAdmin.js#L16) you are finding the user. I will likely want a number of policies to access the user object, so is there a good place to set req.user?

Thanks in advance.

Auth testing fails sporadically, caused by bredikhin/barrels#17.

This is possibly caused by barrels not creating instances of a model sequentially, hence users get different ID's on different startups, and the association gets criss crossed between users - haven't had a chance to go through their source yet.

When I do cd frontend; npm install, I get:

fontawesome#4.1.0 bower_components/fontawesome
npm ERR! peerinvalid The package karma does not satisfy its siblings' peerDependencies requirements!
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.10 <=0.13
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.10.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.12.8
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9.3
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9
npm ERR! peerinvalid Peer [email protected] wants karma@>=0.9

npm ERR! System Darwin 13.2.0
npm ERR! command "/opt/local/bin/node" "/opt/local/bin/npm" "install"
npm ERR! cwd /Users/juhovepsalainen/Projects/github/js/geekprofile/frontend
npm ERR! node -v v0.10.29
npm ERR! npm -v 1.4.15
npm ERR! code EPEERINVALID
npm ERR!
npm ERR! Additional logging details can be found in:
npm ERR!     .../npm-debug.log
npm ERR! not ok code 0

Hello,

Tarlepp, you're doing a wonderful job by posting this boiler plate code. I was able to deploy the backend part to Heroku properly. But I'm not sure how the frontend can be properly deployed on Heroku. I'm relatively new to Gulp. If you can help with some steps to deploy to Heroku, that will be great.

Warm Regards!

Haj, I've got a little question / issue when trying to use MongoDB with the boilerplate.

After some login issues caused by missing associations (at the passport, user is set to 1 instead of the objectID mongo automatically assigns to the user), I've managed to get it pretty much working.

Though, when I try to load any of the pages books, authors, messages, chat, or pretty much anything involving fetching data I seem to get an internal server error (500, response: SyntaxError: Unexpected token c). The page will render without any data.

This is what my log (verbose) spits out:

verbose: websocket writing 6:::2+[{"body":{},"headers":{"Access-Control-Allow-Origin":"http://localhost:3001","Access-Control-Allow-Credentials":true},"statusCode":500}]
verbose: Routing message over socket: { method: 'get',
data: { token: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.NTNlY2NhYWI1ZWJjYmJjNjFhNzk2NThl.japacKkRJCyAZyI6JPGJ73e_hyf12xowJ6UhWLkY4fc' },
url: 'http://localhost:1337/book?limit=10&skip=0&sort=releaseDate+DESC',
headers: {} }
verbose: /Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/api/policies/Passport.js:29 [Policy.Passport() called]
verbose: /Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/api/policies/Authenticated.js:15 [Policy.Authenticated() called]
error: Sending 500 ("Server Error") response:
SyntaxError: Unexpected token c
at Object.parse (native)
at Object.jwsDecode as decode
at Object.module.exports.decode (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/jsonwebtoken/index.js:4:14)
at Object.module.exports.verify (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/jsonwebtoken/index.js:55:22)
at Object.module.exports.verify (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/api/services/Token.js:35:16)
at module.exports (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/api/policies/Authenticated.js:48:29)
at routeTargetFnWrapper (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/sails/lib/router/bind.js:178:5)
at callbacks (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/sails/node_modules/express/lib/router/index.js:164:37)
at param (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/sails/node_modules/express/lib/router/index.js:138:11)
at pass (/Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/node_modules/sails/node_modules/express/lib/router/index.js:145:5) [SyntaxError: Unexpected token c]
verbose: /Users/lars/Sandbox/angular-sailsjs-boilerplate/backend/api/services/Logger.js:62 [Service.Logger.request() called]
verbose: sending data ack packet
verbose: websocket writing 6:::3+[{"body":{},"headers":{"Access-Control-Allow-Origin":"http://localhost:3001","Access-Control-Allow-Credentials":true},"statusCode":500}]

Any thoughts?

Yeah... kinda surprised you left this out.

Hi there,
First off - thanks for providing this splendid framework. One thing I noted in the backend: After installation and lifting, when attempt to login with credentials demo / demodemodemo I have got always "Invalid User" error message.
After few hours of debugging I found that in backend/api/services/protocols/local.js - lines 91, 92:

protocol: 'local',
user: user.id

as a part of the db query to passport model. I switched to MongoDB and when I looked at passport.user field I saw '1' and '2', therefore the query above will never find user's passport.
Would you be so kind and support me for fixing the bug?

Best Regards,
Angel

Hi, i can't add github/google authorization feature,
could you make example for that please...

I don't bother using the ['$scope', function($scope){}] syntax anymore since this can be handled at build time.

I'm having a bit of trouble understanding what the gulp pipeline does, but I like how you ripped the frontend out of sails and want to do this myself. Do you still let sails host the static assets, or does gulp have a mini server in addition to compiling?

I'm assuming passport still hosts everything, in which case, what is the path that sails is expecting static assets to be located, and where in the backend can I edit this path?

Referring to https://github.com/tarlepp/angular-sailsjs-boilerplate/blob/master/frontend/src/app/components/Filters/newLines.js

You can get a pretty decent performance boost by simply using CSS and dropping this filter altogether.

https://developer.mozilla.org/en-US/docs/Web/CSS/white-space

Refer to the pre, pre-line and pre-wrap for different variations that all have the same result as this filter.

When I run app example, once logged, I'm tried to access examples page, but it's don't work. Of corse, it's work with firfox, chrome ...

The object is clear enough.

Is it possible?

Since you're declaring a module for each feature (books, authors, etc), there is no reason the state definitions should not be relocated to each modules respective .config(). This way I can simply tear out the module and the state definitions go with it. Theoretically, if I can remove just the folder + the module dependency in app.js I should be done.

I don't see a point in doing this manually in all of the source files. Just needless clutter.

At the frontend, on DataService file I tried to add a method to post:

                        post: function(endPoint, parameters) {
                          parameters = parameters || {};
                          return $http.post(parseEndPointUrl(endPoint), parameters);
                        }

But I always receive the error callback.. Doesn't matter if the book is creating or not, but its returning always the error callback... Can you help-me?

PS: First I tried with $sailsSocket, and I was thinking that it was a bug with sockets, but the same error occurs with $http...

Thanks!

Right now, the index.html file is written to by the gulp script. This causes problems when you have a team of people working in the same project.

I would recommend that you take a look at the ngbp project, and see how they have set it up.
https://github.com/ngbp/ngbp

The god thing about their structure, is that the buildscript isn't changing anything that gets saved to Git, and thus avoiding merge conflicts.

Hi there, I'm starting to use your boilerplate and have this problem. https://www.dropbox.com/s/looc84qufunkf30/login-fail.jpg?dl=0

https://docs.angularjs.org/api/ngSanitize/filter/linky

Hello!

First, I want to thank you for all the work you've done, making the job so much easier for newcomer to sails / angular like me.

I would like to put this here as a request to have one ressource with full crud example. Currently, the book section have display ability, it would be awesome to have an "admin" role to allow create/edit of new books. I'm trying to wrap my head around getting it structured like the rest of the boilerplate, and I think that's one of the only case missing to have an overall good starter frame for any kind of application.

Thank you!

There is a trick to keeping state names short by mixing together dot notation and parent attributes. You should remove from the name any 'global' prefixes (such as auth or frontend, etc). This will allow you to keep state names concise and easy to remember for developers. Specifically auth.login, etc.

A User's password is stored in a Passport model. I want to create a new user with a simple username/password form, and need to create a passport for the user. The .connect method of passport's 'local' protocol (services/protocols/local.js) does this - i.e. creates a passport if one does not exist for a given user, using the user's id as foreign key for the passport. But, this method looks for the user's id on the request object. One can do 'request.user = user', but then gets redundant user object on the response returned to the client (passport.session does that already). Or, one can manually create a passport object and associate it with the user as part of the user creation - e.g. in User.create or an afterCreate lifecycle callback. What is the correct mechanism for this? Neither one of my approaches feels very clean, and I get the feeling I may be way off track on something.
Thanks - and fantastic end to end boilerplate. A real time saver.

I don't get why you even have it. It's just a url prefixer for ng-include, so all you're doing is obfuscating perfectly simple angular logic. It also seems like you're making this arbitrary separation between those partials and other partials which again just furhter serves to confuse me. Why don't you drop the template directive and move the partials into more relevant locations and swap out your template code to ng-include.

It could make sense to generate url at index.html based on some configuration file (ie. config.js(on) at frontend/) using a gulp plugin. Default to localhost:1337 if not set.

It would be easy to generalize this to support general substitution (ie. just map configuration to template context that is used to generate resulting index.html). Something like gulp-handlebars could be a good fit.

It would be good to mention that bcrypt should be installed before hitting npm install at backend. Otherwise sails lift will fail.

On MacPorts - port install bcrypt + npm rebuild if installed already. Perhaps it makes sense to link elsewhere for bcrypt related instructions.

Thanks a lot Tarlepp for sharing!! :)
I'm relatively new to Sails and Angular, and trying to create a hybrid app that I can use with phonegap and put on the app store. The documentation around is lacking, and a lot of people seem to be confused about how they all fit together as well. Your solution could be a huge help!!
I just wanted to ask a couple of questions: Is this readily usable with phonegap, (as in you just use the frontend/dist folder)? And in this case would all the functionality (authentication, websockets, etc.. ) still work?

I find it much more elegant: https://github.com/gsklee/ngStorage

You can do stuff like $localStorage.auth_token = {} and it will handle serialization and deserializtion, no getters/setters necessary.

I used Coffeescript specifically so I could do a sort of class structure where I have a base model class that all other models extend from. Essentially this simply uses the javascript prototype system. It makes for quite elegant code.

This should go in your main app .run() for catching routing errors otherwise they never get emit.

Again, you're doing this strange inconsistent breakdown of your application. Why would you have an auth folder and then in a completely unrelated location place the auth service? It's just creating more confusion when people go looking for assets. I would redistribute all your services, models, interceptors, constants, etc into more purpose-based locations vs type-based locations.

Sometimes on my development process, sails session run out and the app gets broken. Sockets.io do not recreate sessions, so every socket connection get unauthenticated in sails side. This behavior is not seen by the app which do nothing.

The problem is better documented on this comments

I bring the problem to angular boilerplate because the app architecture collaborate for the issue, as sails server is reached only be sockets.

Ill try to match the failed connect within interceptors, but not sure yet how to detect it. Maybe a fix forAuthInterceptor`.

I don't really like that the $sailsSocket service is being needlessly wrapped and obfuscated just so you can prefix the endpoint urls. This is exactly what interceptors are for, and since BackendConfig is a constant, you can access it at config time instead of just runtime, further rendering this wrapper superfluous.

Thank you very much for this boilerplate, @tarlepp , quite useful :)

I've seen you have included Highcharts as a dependency lately and I also need some charts for my project. However, looks like Highcharts license is not completely free (only for non-commercial), so I should not use it. This makes me wonder whether there is any other dependency license with the same issue in your boilerplate. As a suggestion, perhaps it would be nice to have a list of this kind of dependencies in the readme.md.

Thanks again!

ListSearch, Footer, etc. I don't see a point in having these assets in two places needlessly.

And why? That's why https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/

下边的这个问题是如何解决的呢？

var parseSignedCookie = require('connect').utils.parseSignedCookie;
                                                ^
TypeError: Cannot read property 'parseSignedCookie' of undefined
    at Object. (E:\nodejs\lianxi\chat\app.js:14:49)
    at Module._compile (module.js:456:26)
    at Object.Module._extensions..js (module.js:474:10)
    at Module.load (module.js:356:32)
    at Function.Module._load (module.js:312:12)
    at Function.Module.runMain (module.js:497:10)
    at startup (node.js:119:16)
    at node.js:906:3

requests are being logged through myRequestLogger middleware. The request logger service records the user id either as request.token, if it's defined, or -1 if not. Because request.login is initialized in the authenticated policy, which always is always triggered after the logger middleware has already triggered, the userId is always recorded as -1. This somewhat defeats the purpose of logging requests. I attempted but could not find a clean solution. Moving the logger to a policy would work, but that does not feel at all natural.

The more I poke around the code, the less and less I find this accessible. Is having 2 authentication policies really necessary?

There is now ng-keypress built into the core after ui-utils had the directive for some time.

Is there a reason for no user reg?

Thanks and looking for a recommendation on how best to handle new signups

Hi!

It would be wonderful to have unit test examples added to the front and back-end, so new user can get started in the right direction with solid examples.

Thanks!

For example, in your chat state, you immediately in the controller query the backend for chat messages, and then asynchronously throw them onto the scope and scroll to the bottom of the page. If you instead query the messages in a resolve for the state, you don't have to do this initial scroll and relegate a lot of async initialization in the controller to synchronous initialization.

There is no DOM traversal or binding going on whatsoever in these directives. I've given talks about how you can refactor unnecessary directives such as specifically navigation directives into named views (which is essentially html + controller) and still enable communication between the navigation and other controllers.

It's nifty because a child state can override the navigation from any level and supplement or enhance it as it sees fit, something you could not normally do easily/declaratively with a directive.

So I'm getting a headache trying to add the massive amounts of logic required from a blank app to get socket+passport auth working, and I'm getting a headache trying to take out things in your boilerplate that I don't want, which causes everything to break because you've dispersed the logic all over the place.

Is there ANY chance you could make a fork or branch or something that ONLY contains the auth and front/back separation? I don't want all the GUI tweaks, I just want passport and auth working for a separated front/back. I've spent like 12 hours trying to get this done and it's giving me a headache.

Can i detect state of ui-router and show or hide in NavigationHeader?

How to do?

I put this in NavigationHeader:

But in directive NavigationHeader.js i don't know how to pass in the $scope the state.

How to do?

Hi!

Just a heads-up, your back-end code require async, If not installed globally, it will complain on sails lift since it is not in the sails package.json. Best solution would be to add it there.

Thank you!

Hi there

I was wondering how the oauth token gets from the OAuth provider to the back end app so that the back end app can then issue a JWT and log the user in. I don't see mention of this process anywhere (although I may have missed it)

0 info it worked if it ends with ok
1 verbose cli [ 'C:\Program Files\nodejs\node.exe',
1 verbose cli 'C:\Program Files\nodejs\node_modules\npm\bin\npm-cli.js',
1 verbose cli 'install' ]
2 info using [email protected]
3 info using [email protected]
4 verbose node symlink C:\Program Files\nodejs\node.exe
5 verbose install where, deps [ 'D:\PROJECTS\angular-sailsjs-boilerplate', [] ]
6 verbose install where, peers [ 'D:\PROJECTS\angular-sailsjs-boilerplate', [] ]
7 info preinstall [email protected]
8 silly install resolved []
9 info build D:\PROJECTS\angular-sailsjs-boilerplate
10 verbose linkStuff [ false, false, false, 'D:\PROJECTS' ]
11 info linkStuff [email protected]
12 verbose linkBins [email protected]
13 verbose linkMans [email protected]
14 verbose rebuildBundles [email protected]
15 info install [email protected]
16 verbose unsafe-perm in lifecycle true
17 info [email protected] Failed to exec install script
18 verbose stack Error: [email protected] install: cd backend && npm install && cd ../frontend && npm install
18 verbose stack Exit status 1
18 verbose stack at EventEmitter. (C:\Program Files\nodejs\node_modules\npm\lib\utils\lifecycle.js:213:16)
18 verbose stack at EventEmitter.emit (events.js:110:17)
18 verbose stack at ChildProcess. (C:\Program Files\nodejs\node_modules\npm\lib\utils\spawn.js:14:12)
18 verbose stack at ChildProcess.emit (events.js:110:17)
18 verbose stack at maybeClose (child_process.js:1008:16)
18 verbose stack at Process.ChildProcess._handle.onexit (child_process.js:1080:5)
19 verbose pkgid [email protected]
20 verbose cwd D:\PROJECTS\angular-sailsjs-boilerplate
21 error Windows_NT 6.3.9600
22 error argv "C:\Program Files\nodejs\node.exe" "C:\Program Files\nodejs\node_modules\npm\bin\npm-cli.js" "install"
23 error node v0.12.0
24 error npm v2.5.1
25 error code ELIFECYCLE
26 error [email protected] install: cd backend && npm install && cd ../frontend && npm install
26 error Exit status 1
27 error Failed at the [email protected] install script 'cd backend && npm install && cd ../frontend && npm install'.
27 error This is most likely a problem with the angular-sailsjs-boilerplate package,
27 error not with npm itself.
27 error Tell the author that this fails on your system:
27 error cd backend && npm install && cd ../frontend && npm install
27 error You can get their info via:
27 error npm owner ls angular-sailsjs-boilerplate
27 error There is likely additional logging output above.
28 verbose exit [ 1, true ]

You should use $state.contains() or ui-sref-active