Today we're going to secure our angular application using route guards and jwt. We'll first declare a service to handle the mundane things and then a AuthGuard which implements CanActivate.
Before we get started you'll need to install @auth0/angular-jwt with an npm install @auth0/angular-jwt.
The AuthGuard
The AuthGuard is responsible for indicating whether or not a route should be accessible. This is configured in your routes declaration (further below). When a route is loaded it calls the canActivate method of our AuthGuard and will only route the user if true.
The AuthenticationService
The AuthenticationService is responsible for not only calling an http method for logging in but also checking to see if a) a "token" exists in localStorage but b) the token hasn't expired yet.
Routing Configuration
Now we are ready to configure our route(s) to use canActivate by passing an array containing our AuthGuard Class.
canActivate will also apply to all children route(s) if present.