Securing Your Application
Summary
In this chapter, we have looked at some common security issues in rich client web
applications, and how they compare to traditional, server-based web applications.
In particular, while security checks must always be done at the server, the client and
the server must also work together to prevent malicious attacks. We implemented
a number of services and directives to support security in our application. We saw
how the AngularJS promise-based $http service allows us to intercept responses to
unauthorized server requests, and then give the user the opportunity to authenticate
without having to interrupt or restart the flow of the application logic. Finally, we
made use of route resolve functions in our application routes to check authorization
before the user is allowed to navigate to restricted parts of our application.
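
The intercept-and-retry flow recapped above, as an added sketch that is not the chapter's own code: it uses plain promises in place of the AngularJS $http service so it runs on its own, and every name in it (createRetryQueue, secureRequest, fakeServer) is hypothetical.

```javascript
// Added illustration in plain promises (no AngularJS); all names are hypothetical.
// Holds requests that failed with 401 while the user is asked to log in.
function createRetryQueue() {
  const pending = [];
  return {
    // Park a failed request; its promise settles only on retryAll or cancelAll.
    push(retryFn) {
      return new Promise((resolve, reject) => pending.push({ retryFn, resolve, reject }));
    },
    // Login succeeded: replay each request and hand its outcome to the caller.
    retryAll() {
      while (pending.length) {
        const item = pending.shift();
        item.retryFn().then(item.resolve, item.reject);
      }
    },
    // Login dismissed: reject everything so no caller is left waiting.
    cancelAll(reason) { while (pending.length) pending.shift().reject(reason); },
    size: () => pending.length,
  };
}

// Wrap a transport so a 401 parks the request instead of failing the caller.
function secureRequest(send, queue, onLoginRequired) {
  return (config) => send(config).catch((response) => {
    if (response.status !== 401) throw response; // other errors pass through
    const parked = queue.push(() => send(config));
    onLoginRequired();
    return parked;
  });
}

// Constructed stand-in for the server, which still makes the real decision.
const fakeServer = (session) => (config) => session.user
  ? Promise.resolve({ status: 200, data: `${config.url} for ${session.user}` })
  : Promise.reject({ status: 401 });

async function demo() {
  const session = { user: null }, queue = createRetryQueue();
  let prompts = 0;
  const request = secureRequest(fakeServer(session), queue, () => { prompts++; });
  const result = request({ url: '/projects' }); // caller simply awaits this
  await new Promise((r) => setTimeout(r, 0));   // let the 401 be intercepted
  const parked = queue.size();
  session.user = 'alice';                       // constructed login
  queue.retryAll();
  return { prompts, parked, response: await result };
}
```

The retried request goes straight to the transport, so a second 401 after login reaches the caller as an ordinary failure instead of prompting again.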
We are now going to look at how we can teach our browser some new tricks by
developing our own directives, which will allow us to develop user interface
components in a more declarative manner.