Reputation: 1587
forbid certain (most) routes if not logged in
I'm using Ember for my whole site, even the static pages.
I have a devise api setup, with a user.new, user.login and user.edit in order to create, login or edit an existing account.
Any user can just go to
http://hostname/user/edit
to see the edit screen. I would realy like to make this only possible if a user is logged in. If not that route should for example redirect to the login page.
Is there a way to do that?
Upvotes: 2
Views: 1209
Answers (1)
Reputation: 7068
You can put a redirect inside your route. In there you can conditionally check to see if the user is logged in. If they aren't, then you can transition somewhere else.
See the guides for more about redirection.
Update
Here is an example from an AuthenticatedRoute that I use. For routes that I was to be authenticated, I just subclass from this one.
var AuthenticatedRoute = Ember.Route.extend({
session: Ember.inject.service(),
...
beforeModel: function(transition) {
if (Ember.isEmpty(this.get('session').get('token'))) {
this.get('flashNotification').notify({
title: "You need to sign in first."
});
return this.transitionTo('sign-in');
}
},
Hopefully that gives some good direction.
If you need more resources, check out:
- Embercasts
- Ember Screencasts - I haven't seen this one (since it is behind the paywall, but their videos seem to be pretty useful.
Upvotes: 5
Related Questions
- Restrict access to specific routes in Ember.js (Ember.Router)
- What is the correct hook for Ember Route to check authorization?
- Redirect to Login Route from Application Route if user is not authenticated
- Ember.js - Dynamic Route Logic Based On Authentication
- Whitelist requests from certain routes
- Ember.js routing - conditionally prevent route/state change
- Handling routes which are not available
- Emberjs only redirect to default route if no subroute is specified
- Emberjs 1.0rc6 - Making an authenticated route
- How do I restrict the route?