Search code examples
angularauthenticationrouteslogoutguard

After logging out ,the user is able to go back using back button how to resolve this issue

route.ts

const appRoutes: Routes = [
  {
    path: '',
    redirectTo: 'login',
    pathMatch: 'full'
  },
  {
    path: 'login',
    component: LoginComponent
  },
  {
    path: 'dashboard',
    canActivate: [AuthguardGuard],
    component: MyNavComponent
  },

  { 
  path: '**', 
  redirectTo: 'login', 
  pathMatch: 'full' 
  }

];

Authguard.guard.ts

import { Injectable } from '@angular/core';
import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
import { Observable } from 'rxjs';
import { UserService } from './user.service';

@Injectable({
  providedIn: 'root'
})
export class AuthguardGuard implements CanActivate {
  constructor(private user: UserService) { }
  canActivate(
    next: ActivatedRouteSnapshot,
    state: RouterStateSnapshot): Observable<boolean> | Promise<boolean> | boolean {
    return this.user.getUserLoggedIn();
  }
}

User.service.ts

import { Injectable } from '@angular/core';

@Injectable({
  providedIn: 'root'
})
export class UserService {
  private isUserLoggedIn;
  private username;

  constructor() {
    this.isUserLoggedIn = false;
  }

  setUserLoggedIn() {
    this.isUserLoggedIn = true;
  }

  getUserLoggedIn() {
    return this.isUserLoggedIn;
  }
}

Login.component.ts

import { Component, OnInit } from '@angular/core';
import { Router } from '@angular/router';
import { UserService } from '../user.service';
import { FormControl, Validators } from "@angular/forms";


@Component({
  selector: 'app-login',
  templateUrl: './login.component.html',
  styleUrls: ['./login.component.css']
})
export class LoginComponent implements OnInit {
  flag = true;
  mobileFormControl = new FormControl("", [
    Validators.required,

  ]);

  constructor(private router: Router, private user: UserService) { }

  ngOnInit() {
  }

  loginUser(e) {
    e.preventDefault();
    console.log(e);
    var username = e.target.elements[0].value;
    var password = e.target.elements[1].value;

    if (username == 'admin' && password == 'admin') {
      this.user.setUserLoggedIn();
      this.router.navigate(['dashboard']);
      this.flag = true;
    }
    else {
      this.flag = false;
      this.router.navigate(['login']);
    }
  }

}

Logout.ts

logout() {
    var r = confirm("Are you sure you want to Logout!");
    if (r == true) {
      this.router.navigate(['']);
    }
  }

After clicking on logout i still able to move to dashboard component by using browsers back button,how to resolve this please help me out. I does not want the user to move to dashboard component without logging it again. means once logout ,the user should need to login again to enter dashboard component.

Solution

  • If you want to accomplish it in simpler ways, then just create a global variable ,something like LoggedInStatus and when the user is logged in, set this global variable as true. Now, in all the other pages , in ngOnInit() keep the code like

    ngOnInit(){
    if(!this.global.LoggedInStatus){
        this.router.navigate(['../login']) 
      }

    and while the user calls the logout(), then just reassign the LoggedInStatus to false.

    This will restrict the users from navigating into any page , without actually login in.

    Now, if you want it to be more secure, then when you are calling your login API, pass a sessionID or token and store it in global scope. In each page check the SessionID to validate, orelse redirect to login page.