Access control in Symfony2 + AngularJS app

0
votes

i have REST API in Symfony2, and client app in AngularJS. I have users, users have Symfony2 roles (ROLE_ADMIN, ROLE_USER).

In security.yml is section access_control, but here i can set only Symfony2 routing paths.

How can I block access to path for example: 

app.local/app_dev.php/#/something

for users with role ROLE_USER, or anonymous?

(#/something - is Angular url)

1
angularjssymfonysymfony-2.3

1 Answers

0
votes

That is not possible with Symfony.

/#/ that is the Angular routing and is only executed in your Browser. Here is a good post how to secure routes.

http://jonsamwell.com/url-route-authorization-and-security-in-angular/

There are some other solutions but its a short hint for you how to to it.

https://github.com/FlyersWeb/angular-symfony