Comments (4)
解决使用jwt刷新token带来的问题:https://segmentfault.com/a/1190000013151506
from my-blog.
Token refresh的实现:https://www.cnblogs.com/wqtmelo/p/8527148.html
在access_token里加入refresh_token标识,给access_token设置短时间的期限(例如一天),给refresh_token设置长时间的期限(例如七天)。当活动用户(拥有access_token)发起request时,在权限验证里,对于requeset的header包含的access_token、refresh_token分别进行验证:
1、access_token没过期,即通过权限验证;
2、access_token过期,refresh_token没过期,则返回权限验证失败,并在返回的response的header中加入标识状态的key,在request方法的catch中通过webException来获取标识的key,获取新的token(包含新的access_token和refresh_token),再次发起请求,并返回给客户端请求结果以及新的token,再在客户端更新公共静态token模型;
3、access_token过期,refresh_token过期即权限验证失败。
from my-blog.
总结:
前端:前端只接受access_token,如果值存在,则覆盖原理的access_token,没有的话则不做其他操作
后端:
- access_token没过期,请求放行
- access_token过期了,但是refresh_token没过期的话,access_token取新的值,refresh_token是否取新的值看业务需求,加入要实现refresh_token一周后失效,则不改变,否则,取新的值。
- access_token和refresh_token都失效的话,那么都取新的值。
存储:前端存在cookie或者localstorge,后端存数据库或者缓存比如redis
from my-blog.
access_token、refresh_token介绍:https://www.jianshu.com/p/8a0e74b60efe
from my-blog.
Related Issues (20)
- css3新特性介绍 HOT 3
- CSS3特效示例介绍 HOT 2
- 实现antd pro v2的动态路由,基于人人的框架 HOT 1
- Kubernetes核心概念总结 HOT 5
- kubernetes调度之Taints和Tolerations策略
- Kubernetes Rook HOT 1
- kubernet的安装
- Java8新特性介绍 HOT 1
- Springboot中filter、interceeptor相关介绍 HOT 9
- spring boot与Redis相关知识集锦 HOT 3
- SQL注入相关主题 HOT 3
- React事件相关文章集锦 HOT 1
- serviceWorker知识点集锦 HOT 3
- Angular系列学习入坑指南
- rxJS的学习 HOT 3
- React&Refs相关技术 HOT 1
- React之PureComponent HOT 2
- Flutter学习指南
- React Native学习系列文章
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from my-blog.