10

I see many tutorials on authentication that put an 'auth' object on $rootScope, including the AngularFire-seed from the FireBase-people.

I thought it was bad practice to put objects on the rootscope and one should rather create a service instead. Why is this (apparently) ok when it comes to authentication? Or rather the more general question: When is it ok and perhaps even good practice to put something on the rootscope?

To give another example. I have in addition a profile-object on the user. Is it also ok to add this to the auth-object? I even do not pollute the rootscope in this case, since the auth-object is already there. Is it ok to put the profile on the rootscope like this (via the auth-object)? If not, why?

I know, it was several questions, but they all boil down to one the qeustion in the title...

Improve this question
3
  • I do NOT put my entire auth/session object into the rootScope. I prefer to have an application level controller attached to <body> that provides scope methods that call the service that houses the auth data. This way, it is still basically "global" but without being in the rootScope. Now considering that the client has all of your app anyway, it's not really better or safer necessarily to have stuff in a service vs rootScope, I think it comes down to where and how you want to access data. Putting things in rootScope makes them globally accessible from your views. Commented Apr 11, 2014 at 18:36
  • 1
    If the data is truly common to all scopes then $rootScope is a perfectly acceptable place to put that data. Commented Apr 11, 2014 at 18:55
  • Nice rootScope-altnerative @aet. I will probably not use that, but it is good to know of alternatives. Commented Apr 14, 2014 at 9:33

1 Answer 1

Reset to default
6

Most likely because of the way prototypical inheritance works in JavaScript.

For example: client would need auth credentials all across the app, what is a better place than $rootScope? (except if you want it in a service and inject that service all across artifacts). This works like an ASPECT to address a cross cutting functionality of carrying auth data. By adding auth related data in $rootScope, you can easily get auth detail from any scope which apparently inherits from $rootScope (due to prototypical inheritance).

This holds good for directives not with isolated scope, but for isolated scope as well the wall to climb will be small since you get the effective 2-way binding mechanism.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

Thank you, and thank you all your views :) The practical result for me is that I will put auth/session object on the $rootScope, since it will be used on almost all pages, but my profile-object I will not add to this auth/session-object, since I will used it on only on a few pages/views (actually, it will be visible on all pages via the header (like "Hi, EricC"), but the header is a single template).
Someone might just rename a variable in a nearer scope which might hide the rootscope. Depending on somehting like this isn't good for large applications. One will have to anyway inject rootscope everywhere to avoid such conflicts so why not make a global service or constant instead ?
There is sure comments not to pollute rootscope. But I didn't get any details regarding why we should not pollute rootscope and the reason behind this?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.