Code Monkey home page Code Monkey logo

Comments (4)

hehongwei44 avatar hehongwei44 commented on June 20, 2024

解决使用jwt刷新token带来的问题:https://segmentfault.com/a/1190000013151506

from my-blog.

hehongwei44 avatar hehongwei44 commented on June 20, 2024

Token refresh的实现:https://www.cnblogs.com/wqtmelo/p/8527148.html

在access_token里加入refresh_token标识,给access_token设置短时间的期限(例如一天),给refresh_token设置长时间的期限(例如七天)。当活动用户(拥有access_token)发起request时,在权限验证里,对于requeset的header包含的access_token、refresh_token分别进行验证:

1、access_token没过期,即通过权限验证;

2、access_token过期,refresh_token没过期,则返回权限验证失败,并在返回的response的header中加入标识状态的key,在request方法的catch中通过webException来获取标识的key,获取新的token(包含新的access_token和refresh_token),再次发起请求,并返回给客户端请求结果以及新的token,再在客户端更新公共静态token模型;

3、access_token过期,refresh_token过期即权限验证失败。

from my-blog.

hehongwei44 avatar hehongwei44 commented on June 20, 2024

总结:

前端:前端只接受access_token,如果值存在,则覆盖原理的access_token,没有的话则不做其他操作

后端:

  1. access_token没过期,请求放行
  2. access_token过期了,但是refresh_token没过期的话,access_token取新的值,refresh_token是否取新的值看业务需求,加入要实现refresh_token一周后失效,则不改变,否则,取新的值。
  3. access_token和refresh_token都失效的话,那么都取新的值。

存储:前端存在cookie或者localstorge,后端存数据库或者缓存比如redis

from my-blog.

hehongwei44 avatar hehongwei44 commented on June 20, 2024

access_token、refresh_token介绍:https://www.jianshu.com/p/8a0e74b60efe

from my-blog.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.