Adds a check for the existence of the "guest" role in the state configuration
that we're transitioning to, in the core $stateChangeStart event handler. If
it exists, then we allow access.
Also, added validation of Authentication.user object. While writing
tests, I ran into an issue here when the Authentication service wasn't injected
into a controller. Probably best to have this check in place.
Fixes https://github.com/meanjs/mean/issues/1098
Fixes the issue with the previous state not being recorded, when the
unauthenticated user is redirected to the signin state, when trying to
access a restricted route.
Added a function that stores the provided state & state params, in the
$state.previous object. This has been implemented in the
$stateChangeSuccess event, and the callback of the $state.go transition
when the user is not allowed to access the requested route.
Two different strategies are adopted, one for when the user authenticates locally and the other through providers. When authenticating locally, the signin function in the client controller redirects to the previous state (storing and using a state name) after successful login. When authenticating through a provider, the first call to provider stores the previous URL (not state, URL) in the session. Then, when provider actually calls the authentication callback, session redirect_to path is used for redirecting user.
A state parameter was added for the routes that require user authentication. Now, everytime a statechange occurs, the destination state is checked and user is redirected to signin page if necessary. Note the state parameter is added within `data`, so that nested states can inherent its value.
