ANGULARJS + LIFT
COMMUNICATION
with ponies
the lift way
Page generation time
".miniProfile *" #> unboxMiniProfiles.map{ miniProfile => ".avatar [src]" #> miniProfile.avatarUrl & ".displayName" #> miniProfile.displayName &
... } def unboxMiniProfiles = ProfileClient.getMiniProfiles(usernames) match { case Full(miniProfiles) => stuff case _ => logger.error("Couldn't get mini profiles.") }
The lift way
SHtml.ajaxCall( )
SHtml.ajaxInvoke(() => jsCmd)
Generates Javascript on the fly
liftAjax.lift_ajaxHandler('F304443309923DBOE=true', null, null, null);
HTTP XHR
http://www.zensey.com/ajax_request/SD48QP45523DBOEZH/
POST: F304443309923DBOE=true
The angular way
$http -> REST
$http({method: 'GET', url: '/rest/profile/mini/123'})
.success(function(data, status, headers, config) {
// do stuff
});
$resource -> REST
$resource('/rest/profile/mini/:username', {username: '@username'},
{get: {method: 'GET', isArray: false}} );MiniProfile.get({username: $attrs.username}, function (data) {...}
But Security...
Public REST endpoint attacks:
- JSON vulnerability
- Cross Site Request Forgery (XSRF)
Angular mitigations require server cooperation.
Ain't nobody got time for that.
Give me your HIPAAs!
USE LIFT's immunities
Unpredictable urls are immune to both attacks.
What we want
Lift functions available as angular services...
angular.module('zen.lift.miniProfile'
.factory('miniProfile', function (liftProxy) {
return {
get: function(username) {return liftProxy(...);}
};
}
...using random server urls
http://www.zensey.com/ajax_request/F246253955771TQNMAV/
(theirUsername: String) => ProfileClient.getMiniProfile(theirUsername)
dynamically generate modules
Demo: Write a service to generate this Javascript.
<script> angular.module('zen.lift.miniProfile') .factory('miniProfile', function ($liftproxy) { return { get: function(username) {...} }; };
</script>
Success!
Generated javascript
The ajax request
JSON response
{
"success":true,
"data":{
"username":"51edf173c0261d53a7168c9d",
"displayName":"doug2doug2",
"coach":false,
"presence":"offline",
"connectedStatus":"pending",
"sharedConnections":[
{
"username":"51f9c00ac02616bfbba0f301"
}
]
}
clap if you like
Then ask me some questions.
Angular Lift Service Proxy
By Doug Roper
Angular Lift Service Proxy
- 2,610