diff --git a/bower.json b/bower.json
index a32d3526..9cbca1f5 100755
--- a/bower.json
+++ b/bower.json
@@ -40,7 +40,8 @@
"angular-mocks": "~1.4.0",
"angular-scenario": "~1.4.0",
"AngularDevise": "angular-devise#^1.3.0",
- "angular-ui-router": "^0.3.1"
+ "angular-ui-router": "^0.3.1",
+ "angular-cookies": "^1.5.8"
},
"license": "Copyright 2015 Maestrano Pty Ltd",
"repository": {
@@ -48,6 +49,7 @@
"url": "git://github.com/maestrano/impac-angular.git"
},
"resolutions": {
- "angular": "~1.4.0"
+ "angular": "1.4.14",
+ "angular-cookies": "^1.5.8"
}
}
diff --git a/gulp/server.js b/gulp/server.js
index 460c575d..e4f018f2 100644
--- a/gulp/server.js
+++ b/gulp/server.js
@@ -28,15 +28,6 @@ function browserSyncInit(baseDir, browser) {
routes: routes
};
- /*
- * You can add a proxy to your backend by uncommenting the line below.
- * You just have to configure a context which will we redirected and the target url.
- * Example: $http.get('/users') requests will be automatically proxified.
- *
- * For more details and option, https://github.com/chimurai/http-proxy-middleware/blob/v0.9.0/README.md
- */
- server.middleware = proxyMiddleware(['/auth', '/mnoe'], { target: 'http://localhost:7000' });
-
$.browserSync.instance = $.browserSync.init({
port: 7001,
startPath: '/',
diff --git a/workspace/app/app.js b/workspace/app/app.js
index f8576b8b..dde52ce2 100644
--- a/workspace/app/app.js
+++ b/workspace/app/app.js
@@ -7,7 +7,8 @@ var module = angular.module('impacWorkspace', [
'maestrano.impac',
'toastr',
'Devise',
- 'ui.router'
+ 'ui.router',
+ 'ngCookies'
]);
// --
@@ -48,22 +49,39 @@ module.config(function ($stateProvider, $urlRouterProvider) {
// --
// Configure Angular Devise paths for mno-enterprise.
// -------------------------------------------------------
-module.config(function (AuthProvider) {
+module.config(function (AuthProvider, DevSettingsProvider) {
+ var mnoeHostUrl = DevSettingsProvider.$get().defaults().mnoeUrl.host;
// Customize login
AuthProvider.loginMethod('POST');
- AuthProvider.loginPath('mnoe/auth/users/sign_in.json');
+ AuthProvider.loginPath(mnoeHostUrl + '/mnoe/auth/users/sign_in.json');
// Customize logout
AuthProvider.logoutMethod('DELETE');
- AuthProvider.logoutPath('mnoe/auth/users/sign_out.json');
+ AuthProvider.logoutPath(mnoeHostUrl + '/mnoe/auth/users/sign_out.json');
// Customize register
AuthProvider.registerMethod('POST');
- AuthProvider.registerPath('mnoe/auth/users');
+ AuthProvider.registerPath(mnoeHostUrl + '/mnoe/auth/users');
});
// --
-// Impac! Angular Provider Service Configurations
+// Configure Angular $http to apply XSRF Token headers to CORS requests.
+// -------------------------------------------------------
+module.constant('CSRF', {
+ "headerTokenKey": 'X-XSRF-TOKEN',
+ "cookieTokenKey": 'XSRF-TOKEN'
+});
+module.config(function($httpProvider) {
+ // Allow "credentialed" requests that are aware of HTTP cookies and HTTP
+ // Authentication information.
+ $httpProvider.defaults.withCredentials = true;
+});
+module.run(function($http, DevSession) {
+ DevSession.create();
+});
+
+// --
+// Impac! Angular Provider Service Configurations.
// -------------------------------------------------------
module.run(function (ImpacLinking, ImpacAssets, ImpacRoutes, ImpacTheming, ImpacDeveloper, DevUser, DevSettings) {
diff --git a/workspace/app/services/dev-session.svc.js b/workspace/app/services/dev-session.svc.js
new file mode 100644
index 00000000..fd12c40f
--- /dev/null
+++ b/workspace/app/services/dev-session.svc.js
@@ -0,0 +1,29 @@
+// -------------------------------------------------------
+// Impac! Angular DevSession Service
+// --------
+// Providing CSRF Support for Impac! Workspace.
+// -------------------------------------------------------
+angular.module('impacWorkspace').service('DevSession', function ($log, $http, $cookies, CSRF, DevSettings) {
+ var _self = this;
+
+ // Create a session and xsrf token - ping mnoe api so we get a valid XSRF cookie.
+ this.create = function () {
+ return $http.get(DevSettings.defaults().mnoeUrl.host + '/mnoe/auth/users/sign_in.json')
+ .success(function() {
+ _self.setCsrfHttpHeader();
+ });
+ };
+
+ // Angular Devise methods (e.g `Auth.currentUser()`) generate new sessions, this keeps the
+ // default http headers up to date, ensuring the session is maintained.
+ this.update = function () {
+ this.setCsrfHttpHeader();
+ };
+
+ // Set stored XSRF cookie as $http headers common.
+ this.setCsrfHttpHeader = function () {
+ $http.defaults.headers.common[CSRF.headerTokenKey] = $cookies.get(CSRF.cookieTokenKey);
+ };
+
+ return this;
+});
diff --git a/workspace/app/services/dev-settings.svc.js b/workspace/app/services/dev-settings.svc.js
index d7ecac3f..1b01f537 100644
--- a/workspace/app/services/dev-settings.svc.js
+++ b/workspace/app/services/dev-settings.svc.js
@@ -9,7 +9,7 @@ angular.module('impacWorkspace').service('DevSettings', function ($q, ImpacRoute
var DEFAULTS = {
// API Endpoints
mnoeUrl: {
- host: '',
+ host: 'http://localhost:7000',
base: '/mnoe/jpi/v1'
},
impacUrl: {
diff --git a/workspace/app/views/workspace/workspace.controller.js b/workspace/app/views/workspace/workspace.controller.js
index 7c19cd5f..9552a033 100644
--- a/workspace/app/views/workspace/workspace.controller.js
+++ b/workspace/app/views/workspace/workspace.controller.js
@@ -1,4 +1,4 @@
-angular.module('impacWorkspace').controller('WorkspaceController', function ($scope, $state, DevUser, DevSettings) {
+angular.module('impacWorkspace').controller('WorkspaceController', function ($scope, $state, DevUser, DevSettings, DevSession) {
main = this;
main.isAuthenticated = DevUser.isAuthenticated;
@@ -13,6 +13,14 @@ angular.module('impacWorkspace').controller('WorkspaceController', function ($sc
setCurrentOrganization();
});
+ $scope.$on('devise:new-session', function () {
+ DevSession.update();
+ });
+
+ $scope.$on('devise:logout', function () {
+ DevSession.update();
+ });
+
$scope.$on('updated-providers', function () {
setCurrentOrganization();
});
diff --git a/workspace/index.html b/workspace/index.html
index ca811bf3..da7092fd 100644
--- a/workspace/index.html
+++ b/workspace/index.html
@@ -44,10 +44,12 @@
+
+