I am currently working on angular 4 on a project. I'm familiar with angular auth-guards. My question is since angular 4 is a client sided framework can't we hack the auth-guard to access the page by inspecting the browser window, since typescript gets transpilled to javascript or is the auth-guard server sided by any chance.
Client-side.
It depends. The framework (angular) has encryptors, code minifiers, and other validators that make it a little difficult for hackers, but it's still not completely secure.
There are some people who put validation variables in the localStorage and that is horrible. Others, put global variables in some service file. Which is also very insecure.
The best way is to create a service to validate on the Back-end side.