Added impersonation. More data available via auth service about the user. Added admin auth guard.

src/app/shared/auth/auth.admin.guard.ts

@@ -5,17 +5,11 @@ import { ApiAuthenticationService } from '../services/api/api-authentication.ser
 @Injectable({
     providedIn: 'root'
 })
-export class AuthGuard implements CanActivate {
+export class AuthAdminGuard implements CanActivate {
 
   constructor(private auth: ApiAuthenticationService, private router: Router) {}
 
   async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
-    if (this.auth.isAuthenticated()) {
-      console.log('Valid OAuth');
-      return true;
-    }
-
-    console.log("Invalid OAuth");
-    return false;
+    return this.auth.isAuthenticated() && this.auth.isAdmin();
   }
 }

src/app/shared/auth/auth.user.guard.ts

@@ -0,0 +1,15 @@
+import { Injectable } from '@angular/core';
+import { ActivatedRouteSnapshot, CanActivate, Router, RouterStateSnapshot } from '@angular/router';
+import { ApiAuthenticationService } from '../services/api/api-authentication.service';
+
+@Injectable({
+  providedIn: 'root'
+})
+export class AuthUserGuard implements CanActivate {
+
+  constructor(private auth: ApiAuthenticationService, private router: Router) { }
+
+  async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
+    return this.auth.isAuthenticated();
+  }
+}

src/app/shared/services/api/api-authentication.service.ts

@@ -6,11 +6,13 @@ import EventService from '../EventService';
   providedIn: 'root'
 })
 export class ApiAuthenticationService {
-    private authenticated: boolean;
-    private lastCheck: Date;
+  private authenticated: boolean;
+  private user: any;
+  private lastCheck: Date;
 
   constructor(private http: HttpClient, private events: EventService) {
     this.authenticated = false;
+    this.user = null;
     this.lastCheck = new Date();
   }
 
@@ -18,35 +20,48 @@ export class ApiAuthenticationService {
     return this.authenticated;
   }
 
+  isAdmin() {
+    return this.isAuthenticated() && this.user.role == 'ADMIN';
+  }
+
+  getImpersonatedId() {
+    return this.user.impersonation.id;
+  }
+
+  getUsername() {
+    return this.user.name;
+  }
+
   update() {
     const jwt = localStorage.getItem('jwt');
     if (!jwt) {
-        this.updateAuthenticated(false);
-        return;
+      this.updateAuthenticated(false, null);
+      return;
     }
 
-    // /api/auth/jwt
-    this.http.get('/api/auth/jwt', {
-        headers: {
-            'Authorization': 'Bearer ' + jwt
-        }
+    // /api/auth/validate
+    this.http.get('/api/auth/validate', {
+      headers: {
+        'Authorization': 'Bearer ' + jwt
+      }
     }).subscribe((data: any) => {
-        console.log('jwt validation', data);
-        this.updateAuthenticated(data?.authenticated);
+      console.log('jwt validation', data);
+      this.updateAuthenticated(data?.authenticated, data?.user);
     });
   }
 
-  private updateAuthenticated(value: boolean) {
+  private updateAuthenticated(authenticated: boolean, user: any) {
     const previous = this.authenticated;
-    this.authenticated = value;
+    this.authenticated = authenticated;
+    this.user = user;
     this.lastCheck = new Date();
 
-    if (previous != value) {
-        if (value) {
-            this.events.emit('login', null);
-        } else {
-            this.events.emit('logoff', null);
-        }
+    if (previous != authenticated) {
+      if (authenticated) {
+        this.events.emit('login', null);
+      } else {
+        this.events.emit('logoff', null);
+      }
     }
   }
 }