How to create a route guard in Angular

Łukasz Holeczek Follow Łukasz Holeczek on GitHub Connect with Łukasz Holeczek on LinkedIn Follow Łukasz Holeczek on X (Twitter)

Monday, December 1, 2025

#angular #guards #routing #security #canactivate

Route guards provide essential security and navigation control in Angular applications by intercepting route changes and enforcing access rules. As the creator of CoreUI with extensive Angular development experience since 2014, I’ve implemented route guards in numerous enterprise applications for authentication and authorization. The most common approach is creating a CanActivate guard that returns a boolean to allow or deny route access. This pattern enables centralized route protection while maintaining clean separation between authentication logic and components.

Create a CanActivate guard service that implements the CanActivate interface to control route access.

import { Injectable } from '@angular/core'
import { CanActivate, Router } from '@angular/router'
import { AuthService } from './auth.service'

@Injectable({
  providedIn: 'root'
})
export class AuthGuard implements CanActivate {
  constructor(
    private authService: AuthService,
    private router: Router
  ) {}

  canActivate(): boolean {
    if (this.authService.isLoggedIn()) {
      return true
    } else {
      this.router.navigate(['/login'])
      return false
    }
  }
}

This guard checks if the user is authenticated through an AuthService. If logged in, it returns true to allow route access. If not authenticated, it redirects to the login page and returns false to block access. Apply this guard to routes in your routing configuration using the canActivate property to protect specific routes from unauthorized access.

Best Practice Note:

This is the security pattern we implement in CoreUI Pro admin templates for robust route protection. Consider returning an Observable for async authentication checks and implement multiple guard types for comprehensive route security.

Speed up your responsive apps and websites with fully-featured, ready-to-use open-source admin panel templates—free to use and built for efficiency.

Angular

Bootstrap

React.js

Vue.js

About the Author

Follow Łukasz Holeczek on GitHub Connect with Łukasz Holeczek on LinkedIn Follow Łukasz Holeczek on X (Twitter)

Łukasz Holeczek, Founder of CoreUI, is a seasoned Fullstack Developer and entrepreneur with over 25 years of experience. As the lead developer for all JavaScript, React.js, and Vue.js products at CoreUI, they specialize in creating open-source solutions that empower developers to build better and more accessible user interfaces.

With expertise in TypeScript, JavaScript, Node.js, and modern frameworks like React.js, Vue.js, and Next.js, Łukasz combines technical mastery with a passion for UI/UX design and accessibility. CoreUI’s mission is to provide developers with tools that enhance productivity while adhering to accessibility standards.

Łukasz shares its extensive knowledge through a blog with technical software development articles. It also advises enterprise companies on building solutions from A to Z. Through CoreUI, it offers professional services, technical support, and open-core products that help developers and businesses achieve their goals.

Learn more about CoreUI’s solutions and see how your business can benefit from working with us.