Add a universal route guard for feature modules

Question

Add a universal route guard for feature modules

reda-i opened this issue 7 years ago · 2 comments

Clicking on certain components without authorization doesn't redirect to content or news feed. As a result to this, the user can get access to what is essentially unauthorized info. Some components in admin for some reason also, allow get requests on the user requests submitted to the admins for everyone, without authorization checks. This is a serious security threat. Also, an undesired behavior that is error prone because many components rely on authentication as a pre-condition. With that said, I propose making a universal route guard that checks for both admin authorization and user authentication, and based on the result of guard checks, redirect to a specific route.

Reference for route guard implementation is available on the angular docs.
https://angular.io/guide/router#milestone-5-route-guards

Answer 1 · 2018-05-05T19:36:30.000Z

Admin Guard implemented. Pull Request created. Please Review. @Logician724

Answer 2 · 2018-05-05T21:19:47.000Z

Finished implementing Feature guard too.