I am looking for a way to do these two things, first I want to redirect the user to a login page if no SessionID is found and second I would like to hear your opinion about persisting session ID in memory only (no cookies).

The solution I came up with for the redirect is:

1 – Create a service called OAuth that will check if SessionID exists and if not, redirects to login page, the service is also responsible for the login and logout methods.

app.factory('OAuth', ['$http', function ($http) {

    var _SessionID = '';

    return { 
        login: function () {
            //Do login ans store sessionID in var _SessionID
        },

        logout: function () {
            //Do logout
        },

        isLoggedIn: function () {
            if(_SessionID) {
                return true;
            }
            //redirect to login page if false
        }
    };

}]);

2 – Inject the new OAuth service in each controller and check if user isLoggedIn

app.controller('myCtrl', ['$scope', 'OAuth', function ($scope, OAuth) {

    //check if user is logged
    OAuth.isLoggedIn();

}]);

Questions:

1 – The isLoggedIn() method will be called in all controllers, so I wonder if there is a way to do this without having to inject the service and call it in each controller.

2 – Instead of having a cookie to store the sessionID I want to save it in OAuth’s _SessionID variable and for each request send it to the server. Is this a viable/secure approach? Can you give me some ideas for that?

Thanks!