definma-ui/src/app/services/login.service.ts

114 lines
3.1 KiB
TypeScript

import { Injectable } from '@angular/core';
import {ApiService} from './api.service';
import {ActivatedRouteSnapshot, CanActivate, RouterStateSnapshot} from '@angular/router';
import {LocalStorageService} from 'angular-2-local-storage';
import {Observable} from 'rxjs';
@Injectable({
providedIn: 'root'
})
export class LoginService implements CanActivate {
private pathPermissions = [
{path: 'templates', permission: 'maintain'},
{path: 'users', permission: 'admin'}
];
readonly levels = [
'read',
'write',
'maintain',
'dev',
'admin'
];
private loggedIn;
private level;
constructor(
private api: ApiService,
private storage: LocalStorageService
) {
}
login(username = '', password = '') {
return new Promise(resolve => {
if (username !== '' || password !== '') { // some credentials given
let credentials: string[];
const credentialString: string = this.storage.get('basicAuth');
if (credentialString) { // found stored credentials
credentials = atob(credentialString).split(':');
}
else {
credentials = ['', ''];
}
if (username !== '' && password !== '') { // all credentials given
this.storage.set('basicAuth', btoa(username + ':' + password));
}
else if (username !== '') { // username given
this.storage.set('basicAuth', btoa(username + ':' + credentials[1]));
}
else if (password !== '') { // password given
this.storage.set('basicAuth', btoa(credentials[0] + ':' + password));
}
}
this.api.get('/authorized', (data: any, error) => {
if (!error) {
if (data.status === 'Authorization successful') {
this.loggedIn = true;
this.level = data.level;
resolve(true);
} else {
this.loggedIn = false;
this.storage.remove('basicAuth');
resolve(false);
}
} else {
this.loggedIn = false;
this.storage.remove('basicAuth');
resolve(false);
}
});
});
}
logout() {
this.storage.remove('basicAuth');
this.loggedIn = false;
}
canActivate(route: ActivatedRouteSnapshot = null, state: RouterStateSnapshot = null): Observable<boolean> {
return new Observable<boolean>(observer => {
const pathPermission = this.pathPermissions.find(e => e.path.indexOf(route.url[0].path) >= 0);
if (!pathPermission || this.is(pathPermission.permission)) { // check if level is permitted for path
if (this.loggedIn === undefined) {
this.login().then(res => {
observer.next(res as any);
observer.complete();
});
}
else {
observer.next(this.loggedIn);
observer.complete();
}
}
else {
observer.next(false);
observer.complete();
}
});
}
get isLoggedIn() {
return this.loggedIn;
}
is(level) {
return this.levels.indexOf(this.level) >= this.levels.indexOf(level);
}
get username() {
return atob(this.storage.get('basicAuth')).split(':')[0];
}
}