| title | name | description | alias | language | framework | image | tags | snippets | seo_alias | ||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Auth0 Angular 2 SDK Tutorial |
Angular 2 |
This tutorial will show you how to use the Auth0 Angular 2 SDK to add authentication and authorization to your web app. |
|
|
|
/media/platforms/angular.png |
|
|
angular2 |
You can get started by either downloading the seed project or if you would like to add Auth0 to an existing application you can follow the tutorial steps.
::: panel-info System Requirements This tutorial and seed project have been tested with the following:
- Angular2 2.0.0-rc.1
- NodeJS 4.3 :::
<%= include('../_includes/_package', { pkgRepo: 'auth0-angular2', pkgBranch: 'master', pkgPath: null, pkgFilePath: null, pkgType: 'js' }) %>
If you have an existing application, follow the steps below.
${include('./_callback')}
Install angular2-jwt with npm.
${snippet(meta.snippets.install)}
Add Lock in your index.html file and set the viewport.
${snippet(meta.snippets.dependencies)}
If you're using SystemJS, set up System.config to map angular-jwt so that it can be imported.
${snippet(meta.snippets.system_map)}
If you are using Webpack, please see the auth0-angular2 Webpack example for configuration.
To set up a simple component, you'll need some standard Angular 2 imports, as well as the AuthHttp class and tokenNotExpired function from angular2-jwt.
${snippet(meta.snippets.setup)}
To implement login, create a new Auth0Lock instance in your component. In this example, login is implemented in the app's root component, but it could also be placed in a child component.
${snippet(meta.snippets.use)}
${browser}
In the login method, call lock.show to display the login widget. On a successful login, you can save the user's profile object (as a string) and token in local storage.
To log the user out, simply remove the profile and token from local storage.
You can use the tokenNotExpired function in the loggedIn method to conditionally show and hide the Login and Logout buttons.
Note: There are multiple ways of implementing a login. The example above displays the Login Widget. However you may implement your own login UI by changing the line <script src="//cdn.auth0.com/js/lock-9.0.min.js"></script> to <script src="//cdn.auth0.com/w2/auth0-6.8.js"></script>.
The AuthHttp class is used to make authenticated HTTP requests. AuthHttp uses Angular 2's Http class but includes the Authorization header for you on requests.
${snippet(meta.snippets.request)}
Inject the AuthHttp class as authHttp. This example uses the get method to make an authenticated GET request. AuthHttp supports all HTTP verbs, so you can just as easily do POST, PUT, and DELETE requests. You can provide an object as the second argument to the call if you want to include a body.
Although data from the API will be protected and require a valid JWT to access, users that aren't authenticated will be able to get to any route by default. You can use the @CanActivate life-cycle hook from Angular 2's router to limit navigation on certain routes to only those with a non-expired JWT.
${snippet(meta.snippets.router)}
Use the tokenNotExpired function within the @CanActivate life-cycle hook to determine if the user can navigate to the private route. If the token isn't expired, the function will return true and navigation will be permitted.
You have completed the implementation of Login and Signup with Auth0 and Angular 2.
The AuthHttp class sets a property, tokenStream, as an observable stream from the user's JWT. This stream can be used with other streams and can be combined to make authenticated requests. This can be used as an alternative to the explicit methods in the AuthHttp class.
${snippet(meta.snippets.observable)}