You should not pollute the $rootScope, but client-side authorization methods are a good starting point (after authentication) and can easily be included in an Angular service or factory. Server-side, if you assign roles to your users and keep the user's current roles in a Session, it's easy to handle authorization. Watch out for CSRF and you are set!
Chapter 7 of this book has some great info: http://www.scribd.com/mobile/doc/214658821#fullscreen -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
