It had been a couple of month since I embark in the journey of mixing AngularJS with MVC. Before then, I have utilized AngularJS to render certain view containers here and there. However, for the first time I was after a fully functional AngularJS app, yet with MVC server side. I wanted to use the fully functional Form Authentication MVC template, and make an AngularJS application ready to go with form authentication in no time.
This task introduced two main challenges. First, we have to make the client side fully aware of the authentication and have Angular preserve state – so even as the page refreshes Angular shall response as authenticated. This is inherit function in a MVC Razor app but not necessarily in an Angular application. Secondly, client side authentication – No-Oauth - is not the most secure, we could end up with a cross site request forgery attack. So what I needed was an Anti-Forgery Token, MVC Form Authentication AngularJS app.