Can I or Should I use a Global variable in Angularjs to store a logged in user?

Question

I\'m new to angular and developing my first \'real\' application. I\'m trying to build a calendar/scheduling app ( source code can all be seen on github ) and I want to be a

Answer 1

If your (single) page is rendered dynamically by the server and the server knows if you are logged-in or not, then you could do the following:

Dynamically render a script tag that produces:

For non logged-in users:

For convinience, copy user to a value inside angular's IOC:

angular.module('myApp').value('user', window.user);

Then, you can use it in DI:

angular.module('myApp').factory('myService', function(user) {
    return {
        doSomething: function() {
            if (user.isLoggedIn) {
                ...
            } else {
                ...
            }
        }
    };
});

Something tricky (which you should thing twice before doing [SEE COMMENTS]) is extending the $scope:

angular.module('myApp').config(function($provide) {
    $provide.decorator('$controller', function($delegate, user) {
        return function(constructor, locals) {
            locals.$scope._user = user;
            return $delegate(constructor, locals);
        };
    });
});

This piece of code decorates the $controller service (responsible for contructing controllers) and basically says that $scope objects prior to being passed to controllers, will be enhanced with the _user property.

Having it automatically $scoped means that you can directly use it any view, anywhere:

Content only for logged-in users

This is something risky since you may end up running into naming conflicts with the original $scope API or properties that you add in your controllers.

It goes without saying that these stuff run solely in the client and they can be easily tampered. Your server-side code should always check the user and return the correct data subset or accept the right actions.