Attaching roles and abilities on Login Loader

silverbux · silverbux · commit f3b47bae8843 · 2016-05-18T09:20:06.000+08:00
diff --git a/angular/app/components/login-loader/login-loader.component.js b/angular/app/components/login-loader/login-loader.component.js
@@ -1,10 +1,17 @@
 class LoginLoaderController {
-  constructor ($state, $auth, API) {
+  constructor ($state, $auth, API, AclService) {
     'ngInject'
 
     API.oneUrl('authenticate').one('user').get().then((response) => {
       if (!response.error) {
-        $auth.setToken(response.data)
+        let data = response.data
+
+        angular.forEach(data.userRole, function (value, key) {
+          AclService.attachRole(value)
+        })
+
+        AclService.setAbilities(data.abilities)
+        $auth.setToken(data.token)
         $state.go('app.landing')
       }
     })
diff --git a/angular/config/routes.config.js b/angular/config/routes.config.js
@@ -166,7 +166,7 @@ export function RoutesConfig ($stateProvider, $urlRouterProvider) {
     .state('loginloader', {
       url: '/login-loader',
       views: {
-        'main@app': {
+        'layout': {
           templateUrl: getView('login-loader')
         },
         'header@app': {},
@@ -207,6 +207,7 @@ export function RoutesConfig ($stateProvider, $urlRouterProvider) {
           controller: function ($scope, $auth, $state, AclService) {
             $auth.logout().then(function (oldUser) {
               AclService.flushRoles()
+              AclService.setAbilities({})
               $state.go('login')
             })
           }
diff --git a/app/Http/Controllers/Auth/AuthController.php b/app/Http/Controllers/Auth/AuthController.php
@@ -17,7 +17,15 @@ public function getAuthenticatedUser()
             $user = Auth::user();
             $token = JWTAuth::fromUser($user);
 
-            return response()->success($token);
+            $abilities = array(
+                'guest' => array('login'),
+                'user' => array('logout', 'view_content'),
+                'admin' => array('logout', 'manage_content', 'view_content'),
+            );
+
+            $userRole = array('admin', 'user');
+
+            return response()->success(compact('user', 'token', 'abilities', 'userRole'));
         } else {
             return response()->error('unauthorized', 401);
         }
diff --git a/app/Http/routes.php b/app/Http/routes.php
@@ -29,6 +29,15 @@
 });
 
 // ADMIN ROUTES
+
+$api->group(['middleware' => ['api', 'api.auth']], function ($api) {
+    $api->controller('users', 'UserController');
+});
+
+/* EXAMPLE PROTECTED ROUTE
+
 $api->group(['middleware' => ['api', 'api.auth', 'role:admin']], function ($api) {
     $api->controller('users', 'UserController');
 });
+
+*/
diff --git a/app/User.php b/app/User.php
@@ -22,7 +22,7 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      * @var array
      */
     protected $fillable = [
-        'name', 'email', 'password', 'avatar','oauth_provider_id', 'oauth_provider'
+        'name', 'email', 'password', 'avatar'
     ];
 
     /**
@@ -31,6 +31,6 @@ class User extends Model implements AuthenticatableContract, CanResetPasswordCon
      * @var array
      */
     protected $hidden = [
-        'password', 'remember_token'
+        'password', 'remember_token','oauth_provider_id', 'oauth_provider'
     ];
 }
