Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed]

samuelkampf · January 21, 2020, 2:54am

Hi new here thanks in advance for any help so Im using the Angular Auth0 SDK I have had no problems implementing it into my app until now my issue is that any call I make using angular HttpClient is getting picked up by the Interceptor which requires you to be logged in to make calls in my chrome console it errors with the following

{error: "login_required", error_description: "Login required", state: "removed"}

My question is can you allow users to make certain calls without being logged in for instance I have to pull a user list from my Mongodb collection on ngOnInit from the very first second you load the page to populate a users list. Which currently cant happen due to this issue. If anymore information is required please feel free to ask.

samuelkampf · January 21, 2020, 4:06am

Hey guys so i figured it out i had to make an adjustment to the interceptor where I have a list of whitelisted urls if that url is on the whitelist we essentially skip over it and do nothing handling wise ill put the code here if anyone is interested or has any better suggestions.

import { Injectable } from '@angular/core';

import {

  HttpRequest,

  HttpHandler,

  HttpEvent,

  HttpInterceptor

} from '@angular/common/http';

import { AuthService } from '../authentication/auth.service';

import { Observable, throwError } from 'rxjs';

import { mergeMap, catchError } from 'rxjs/operators';

@Injectable({

  providedIn: 'root'

})

export class InterceptorService implements HttpInterceptor {

  constructor(private auth: AuthService) { }

  intercept(

    req: HttpRequest<any>,

    next: HttpHandler

  ): Observable<HttpEvent<any>> {

    console.log(req.url)

    if(req.url === 'https://*********/users'){

      return next.handle(req)

    }

    return this.auth.getTokenSilently$().pipe(

      mergeMap(token => {

        const tokenReq = req.clone({

          setHeaders: { Authorization: `Bearer ${token}` }

        });

        return next.handle(tokenReq);

      }),

      catchError(err => throwError(err))

    );

  }

}

konrad.sopala · January 21, 2020, 11:04am

Thanks a lot for sharing it with the rest of community!

samuelkampf · January 21, 2020, 3:13pm

of course also i didnt show my finished example but obviously in the end that will be an array or a file containing all the whitelisted urls

konrad.sopala · January 21, 2020, 3:41pm

Thanks for the context!

system · February 5, 2020, 3:41pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
[auth0-angular] HTTP interceptor error when user is not logged in Help angular , auth0-angular	7	7987	November 10, 2021
User is logged back in after logging out whenever httpinterceptor is called Help login-experience , new-universal-login-experience	0	755	April 25, 2023
Allow unauthorized http request but add token if authorized Help angular , auth0	0	1732	August 29, 2022
Angular Auth0: logged out when calling API after login Help	0	1800	January 25, 2022
Failed Silent Auth - Login required : failing when trying get token and authenticate from angular app Help	3	5044	December 14, 2023

Angular Auth0 Interceptor blocking all api calls unless logged in [Fixed]

Related Topics