Changed some bad comments referencing the Articles module in other modules.
Typo fixed in xxx.client.modules.js files ("Application" => "Applicaion")
Full stop character removed at the end of line comments
Adds a check for the existence of the "guest" role in the state configuration
that we're transitioning to, in the core $stateChangeStart event handler. If
it exists, then we allow access.
Also, added validation of Authentication.user object. While writing
tests, I ran into an issue here when the Authentication service wasn't injected
into a controller. Probably best to have this check in place.
Fixes https://github.com/meanjs/mean/issues/1098
Fixes the issue with the previous state not being recorded, when the
unauthenticated user is redirected to the signin state, when trying to
access a restricted route.
Added a function that stores the provided state & state params, in the
$state.previous object. This has been implemented in the
$stateChangeSuccess event, and the callback of the $state.go transition
when the user is not allowed to access the requested route.
Two different strategies are adopted, one for when the user authenticates locally and the other through providers. When authenticating locally, the signin function in the client controller redirects to the previous state (storing and using a state name) after successful login. When authenticating through a provider, the first call to provider stores the previous URL (not state, URL) in the session. Then, when provider actually calls the authentication callback, session redirect_to path is used for redirecting user.
Updated the Socket client service, with a connect() method. Moved state
redirect out of from Socket service. Added the Authentication.user
check to the Chat client controller, and added a check to make sure the
Socket client service is connected to the server; if not, then connect
using the new connect() method.
Had to do a hard reset from 0.4.0 due to conflicts when merging and
pushing to remote.
A state parameter was added for the routes that require user authentication. Now, everytime a statechange occurs, the destination state is checked and user is redirected to signin page if necessary. Note the state parameter is added within `data`, so that nested states can inherent its value.
- `/{api|modules|lib}/*` returns error page when path doesn’t exist
(from Express).
- `/*` always returns index (from Express), but if `$state` doesn’t
exist, Angular redirects to `/not-found` (no 404 status in that case
though!)
- If `Accept: application/json` header is present without `Accept:
text/html`, return error as json. Hence looking at non existing /api/*
paths with browser would show html error, but querying them with script
would return json.
- Slightly prettier 404 error
Test:
```bash
curl http://localhost:3000/api/notfound -4 -H "Accept: application/json"
```
=> json error.
```bash
curl http://localhost:3000/api/notfound -4 -H "Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0
.8"
```
=> html error (imitates Chrome’s Accept header).
Starting point was @dotch’s PL: https://github.com/meanjs/mean/pull/503
And `req.accepts()` idea came from http://stackoverflow.com/a/9802006
The executable bit is set for a lot of files where it is not necessary
to have the executable bit set. This PR removes the executable bit from
those files.
