I have created an application that users can log into then look up customer information
WHAT I AM TRYING TO DO
Restrict access to various routes based upon the permissions of the user.
WHERE I AM UP TO
I am using:
ui-router - for routing
ng-token-auth (https://github.com/lynndylanhurley/ng-token-auth) - for handing authentication
angular-acl (https://github.com/mikemclin/angular-acl) - for handling permissions.
When the user logs in, the 'auth:validation-success' event is broadcasted. I use this event to populate the aclProvider with the user permissions data returned from the authProvider then on the route I use the resolve method to check if the user has permissions to view it.
Which is perfect however...
When I refresh the page I loose the user stored in the authProvider and the permissions stored in the AclProvider. By default the authProvider will re-authenticate on page refresh, returning the user data but the resolve method always fires first and therefore the permissions don't exist because they haven't been read from the user...
How can I fix this?