Authenticated app on appengine with angularjs

Question

Setup:

• templates: angularjs (all statically served from app.yaml)
• api: json responses used by angularjs controllers to pull data from application

The page content is served from a static file so it is not possible to use users.create_login_url(), users.create_logout_url(), etc.

How do you typically go about users logging in/out, figuring if user is logged in/out, user is admin on an application like this?

Answer 1

I'm actually working on a solution to this problem myself. The project is called Sapling -- it's an AngularJS starter project that covers User management.

This is the approach that I took:

1. User comes to the site -- load html and javascript

2. After Angular is loaded make a GET request to '/api/user/me'. If the user is logged in return a representation of the user, E.g.

   { 
     "name": "Bob",
     "admin": false,
     // ect.
   }
   

   If the user is not logged in return a 401 error.

3. If a user object is returned -- check to see if the user is also and admin. If a 401 is received redirect the user to the login pages (You could create a login page within your Angular app, or if you feel the user will not get confused you could send them to the Google login directly).

So, how do you do this with App Engine's User Service?

In your request handler for the url '/api/user/me'

Call get_current_user() and is_current_user_admin()

• User is logged in -- append the admin boolean and return the representation of the user as json.

• User is not logged in -- return a 401 Unauthorized, i.e. response.set_status(401)

How do you direct the user to the login and logout urls?

You can create request handlers at the following urls:

'api/user/login'

webapp2.redirect(users.create_login_url())

'api/user/logout'

webapp2.redirect(users.create_logout_url())

And direct users to them from Angular.

I think that I covered the basics. If you need more details, please let me know.