You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: readme.md
+22-16
Original file line number
Diff line number
Diff line change
@@ -86,22 +86,6 @@ We provide an extremely simplifed deployment process for heroku.
86
86
87
87
That's it! Your app should be live and shareable. Type `heroku open` to view it.
88
88
89
-
## Route authorization with Passport boilerplate
90
-
91
-
For restricting server API routes to authenticated users, you can pass your routes through the `auth` middleware, which will send a 401 unauthorized error if a request is made from someone thats not logged in.
92
-
93
-
The client side will automatically send you to the login page if it receives a 401 error.
94
-
95
-
However, as this will load part of the page before redirecting, it will cause a flicker. A way to avoid this is to to mark the routes on the client side that you want to require authentication for.
96
-
97
-
You can do this from your `app.js` by adding the following to any client routes that you want to restrict to logged in users.
98
-
99
-
```
100
-
authenticate: true
101
-
```
102
-
103
-
Keep in mind this client routing is only for improving the user interface. Make sure you secure your server API routes and don't give any sensitive information unless the user is authenticated or authorized.
104
-
105
89
## Generators
106
90
107
91
All of the **generator-angular** client side generators are available, but aliased with `angular-fullstack` to correctly generate with the fullstack folder structure.
@@ -222,6 +206,28 @@ The following additional modules are available as components on bower, and insta
222
206
223
207
All of these can be updated with `bower update` as new versions of AngularJS are released.
224
208
209
+
## Passport boilerplate
210
+
211
+
The passport boilerplate requires the `ng-route`, `ng-resource`, and `ng-cookie` modules to work out of the box.
212
+
213
+
It generates a login, signup, and settings page, and creates the backend support for creating accounts using PassportJS.
214
+
215
+
### Restricted routes
216
+
217
+
For restricting server API routes to logged in users, you can pass your routes through the `auth` middleware, which will send a 401 unauthorized error if a request is made from someone thats not authenticated.
218
+
219
+
The client side will automatically send you to the login page if it receives a 401 error.
220
+
221
+
However, as this will load part of the page before redirecting, it will cause a flicker. A way to avoid this is to to mark the routes on the client side that you want to require authentication for.
222
+
223
+
You can do this from your `app.js` by adding the following to any client routes that you want to restrict to logged in users.
224
+
225
+
```
226
+
authenticate: true
227
+
```
228
+
229
+
Keep in mind this client routing is only for improving the user interface. Make sure you secure your server API routes and don't give any sensitive information unless the user is authenticated or authorized.
230
+
225
231
## Testing
226
232
227
233
Running `grunt test` will run the unit tests with karma.
0 commit comments