The angular2 documentation about Route Guards left me unclear about when it is appropriate to use a CanActivate guards vs. a CanActivateChild guard in combination with component-less routes.
TL;DR: what's the point in having canActivateChild when I can use a component-less routes with canActivate to achieve the same effect?
Long version:
We can have multiple guards at every level of a routing hierarchy. The
router checks the CanDeactivate and CanActivateChild guards first,
from deepest child route to the top. Then it checks the CanActivate
guards from the top down to the deepest child route.
I get that CanActivateChild is checked bottom up and CanActivate is checked top down. What doesn't make sense to me is the following example given in the docs:
@NgModule({
imports: [
RouterModule.forChild([
{
path: 'admin',
component: AdminComponent,
canActivate: [AuthGuard],
children: [
{
path: '',
canActivateChild: [AuthGuard],
children: [
{ path: 'crises', component: ManageCrisesComponent },
{ path: 'heroes', component: ManageHeroesComponent },
{ path: '', component: AdminDashboardComponent }
]
}
]
}
])
],
exports: [
RouterModule
]
})
export class AdminRoutingModule {}
So the admin path has a component-less route:
Looking at our child route under the AdminComponent, we have a route
with a path and a children property but it's not using a component. We
haven't made a mistake in our configuration, because we can use a
component-less route.
Why is the code in this case inserting the AuthGuard in the child and in the root component (path admin)? Wouldn't is suffice to guard at the root?
I have created a plunkr based on the sample that removes the canActivateChild: [AuthGuard] and adds a logout button on the AdminDashboard. Sure enough, the canActivate of the parent route still guards, so what's the point in having canActivateChild when I can use component-less routes with canActivate?
From the docs:
As we learned about guarding routes with CanActivate, we can also protect child routes with the CanActivateChild guard. The CanActivateChild guard works similarly to the CanActivate guard, but the difference is its run before each child route is activated. We protected our admin feature module from unauthorized access, but we could also protect child routes within our feature module.
Here's a practical example:
- navigating to
/admin
canActivate is checked- You navigate between the children of
/admin route, but canActivate isn't called because it protects /admin
canActivateChild is called whenever changing between children of the route its defined on.
I hope this helps you, if still unclear, you can check specific functionality by adding guards debugging them.
In real world, I feel it is redundant to use the same guard for the parent and all its children.
For a better example, suppose you have roles for admin users (Edit/View), you can add a guard for "Edit" only tabs.
RouterModule.forChild([
{
path: 'admin',
component: AdminComponent,
canActivate: [AuthGuard], //1 - redirect to login page if not logged in
children: [
//View Access
{
......
},
//Edit Access
{
path: '',
canActivateChild: [EditGuard], //2 - display "you don't have Edit permission to access this page"
children: [
{ path: 'crises', component: ManageCrisesComponent },
{ path: 'heroes', component: ManageHeroesComponent },
{ path: '', component: AdminDashboardComponent }
]
}
]
}
])
I also confused the angular2's documentation about routeGuard.
what's the difference between the CanActivate guard and
CanActivateChild guard.
I have some findings,I hope this will help you.
in the auth-guard.service.ts file
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
let url: string = state.url;
return this.checkLogin(url);
}
canActivateChild(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean {
return this.canActivate(route, state);
}
because the canActivate method is called in the canActivateChild function. you can write a snippet of code that don't call the canActivate method in the canActivateChild function.
One reason I can think of is timeouts.
I'm starting to work with Angular 2, using an authentication provider. This provider expires a session which has been idle for more than a certain amount of time.
In a common situation where you leave your computer logged in and your session expires, the next navigation you try MUST validate your current situation. If you are navigating between child routes, I think CanActivateChild is the guard that will detect the expired session, and trigger a redirect to login, while CanActivate won't trigger at all.
Disclaimer: This came from the top of my head, I haven't implemented it yet.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 戒情不戒烟 的文章《CanActivate vs. CanActivateChild with component-le》','https://www.manongdao.com/article-293721.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}