This is an example app that shows how to use Auth0 with Angular 2. It uses Auth0's angular2-jwt module. The example app is based off of ng2-play by Pawel Kozlowski.
npm install -g gulp
npm installgulp playThe app will be served at localhost:9000.
<!-- index.html -->
<script>
//configure system loader
System.config({
defaultJSExtensions: true,
map: {
"angular2-jwt": "node_modules/angular2-jwt"
}
});
</script>// app.ts
import {View, Component, bootstrap, provide, CORE_DIRECTIVES, NgIf} from 'angular2/angular2';
import {HTTP_PROVIDERS} from 'angular2/http';
import {AuthHttp, tokenNotExpired, JwtHelper} from 'angular2-jwt/angular2-jwt'; <!-- index.html -->
<!-- Auth0 Lock script and AngularJS module -->
<script src="//cdn.auth0.com/js/lock-7.9.min.js"></script>// app.ts
@Component({
directives: [ CORE_DIRECTIVES, ROUTER_DIRECTIVES, NgIf ],
selector: 'app',
template: `
<h1>Welcome to Angular2 with Auth0</h1>
<button *ng-if="!loggedIn()" (click)="login()">Login</button>
<button *ng-if="loggedIn()" (click)="logout()">Logout</button>
`
})
export class AuthApp {
lock: Auth0Lock = new Auth0Lock(YOUR_CLIENT_ID, YOUR_CLIENT_DOMAIN);
constructor() {}
login() {
this.lock.show(function(err, profile, id_token) {
if(err) {
throw new Error(err);
}
localStorage.setItem('profile', JSON.stringify(profile));
localStorage.setItem('id_token', id_token);
});
}
logout() {
localStorage.removeItem('profile');
localStorage.removeItem('id_token');
}
loggedIn() {
return tokenNotExpired();
}
}The AuthHttp class is used to make authenticated HTTP requests. The class uses Angular 2's Http module but includes the Authorization header for you.
// app.ts
...
constructor(public authHttp:AuthHttp) {}
getSecretThing() {
this.authHttp.get('http://example.com/api/secretthing')
.map(res => res.json())
.subscribe(
data => console.log(data),
err => console.log(err),
() => console.log('Complete')
);
);
}
...
bootstrap(AuthApp, [
HTTP_PROVIDERS,
provide(AuthHttp, { useFactory: () => {
return new AuthHttp();
}})
])Although data from the API will be protected and require a valid JWT to access, users that aren't authenticated will be able to get to any route by default. We can use the @CanActivate life-cycle hook from Angular 2's router to limit navigation on certain routes to only those with a non-expired JWT.
// app.ts
import {RouteConfig, ROUTER_DIRECTIVES, APP_BASE_HREF, ROUTER_PROVIDERS, CanActivate} from 'angular2/router';
@Component({
selector: 'public-route'
})
@View({
template: `<h1>Hello from a public route</h1>`
})
class PublicRoute {}
@Component({
selector: 'private-route'
})
@View({
template: `<h1>Hello from private route</h1>`
})
@CanActivate(() => tokenNotExpired())
class PrivateRoute {}
@Component({
directives: [ CORE_DIRECTIVES, ROUTER_DIRECTIVES, NgIf ],
selector: 'app',
template: `
<h1>Welcome to Angular2 with Auth0</h1>
<button *ng-if="!loggedIn()" (click)="login()">Login</button>
<button *ng-if="loggedIn()" (click)="logout()">Logout</button>
<hr>
<div>
<button [router-link]="['./PublicRoute']">Public Route</button>
<button *ng-if="loggedIn()" [router-link]="['./PrivateRoute']">Private Route</button>
<router-outlet></router-outlet>
</div>
`
})
@RouteConfig([
{ path: '/public-route', component: PublicRoute, as: 'PublicRoute' }
{ path: '/private-route', component: PrivateRoute, as: 'PrivateRoute' }
])
export class AuthApp {
...
}
bootstrap(AuthApp, [
HTTP_PROVIDERS,
ROUTER_PROVIDERS,
provide(AuthHttp, { useFactory: () => {
return new AuthHttp();
}}),
provide(APP_BASE_HREF, {useValue:'/'})
])If you wish to use the JWT as an observable stream, you can call tokenStream from AuthHttp.
// app.ts
tokenSubscription() {
this.authHttp.tokenStream.subscribe(
data => console.log(data),
err => console.log(err),
() => console.log('Complete')
);
}This can be useful for cases where you want to make HTTP requests out of obsevable streams. The tokenStream can be mapped and combined with other streams at will.
### Using JwtHelper in Components
The `JwtHelper` class has several useful methods that can be utilized in your components:
* `decodeToken`
* `getTokenExpirationDate`
* `isTokenExpired`
You can use these methods by passing in the token to be evaluated.
```js
// app.ts
...
jwtHelper: JwtHelper = new JwtHelper();
...
useJwtHelper() {
var token = localStorage.getItem('id_token');
console.log(
this.jwtHelper.decodeToken(token),
this.jwtHelper.getTokenExpirationDate(token),
this.jwtHelper.isTokenExpired(token)
);
}
...
Auth0 helps you to:
- Add authentication with multiple authentication sources, either social like Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others, or enterprise identity systems like Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider.
- Add authentication through more traditional username/password databases.
- Add support for linking different user accounts with the same user.
- Support for generating signed Json Web Tokens to call your APIs and flow the user identity securely.
- Analytics of how, when and where users are logging in.
- Pull data from other sources and add it to the user profile, through JavaScript rules.
- Go to Auth0 and click Sign Up.
- Use Google, GitHub or Microsoft Account to login.
This project is licensed under the MIT license. See the LICENSE file for more info.