dongra1984 2019-09-22 11:31

Refreshing the token in local storage after it is refreshed on the server

How do you handle a JWT token after it has expired?

I really need to know what the best way is to handle the token in local storage. On my server, if the token in the header is expired, I refresh it, but the token in local storage is not updated after it is refreshed on the server. I could think of setting the token on each response after a refresh and then saving it to local storage, for every request which needs the token, but I am sure that is not efficient and too much work, right? What is the best practice for handling a refreshed token from the server on the client side?


1 answer

  • duanhun3273 2019-09-22 13:38

    I'm not sure if this helps or not but in many workflows it's the client driving the request. If possible, it may help to simplify the problem:

    The client needs a valid token to make a request

    If you're able to make this assumption then this can allow you to push the responsibility of token management to the client. Then the server will reject ANY request with an invalid token and return unauthorized to the client. This makes it the client's responsibility to re-auth or refresh by keeping track of token validity.

    This separates concerns so that the server doesn't need to have token management and refresh on each request.


    I'm basing this on Single Page Application Authentication workflows like the one described at https://auth0.com/docs/architecture-scenarios/spa-api

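The workflow described in the answer above (the client tracks token validity, the server returns unauthorized for any invalid token), as an added example that is not part of the original answer. The storage key, the refresh endpoint, its `{ access_token }` response and the cookie-based refresh credential are assumptions; `createAuthClient` and `authFetch` are hypothetical names.

```javascript
// Added example. Assumptions: the "access_token" storage key, the refresh endpoint
// and its { access_token } JSON response, and a refresh credential sent as a cookie.

// Read `exp` (seconds since epoch) from the JWT payload. This only schedules refreshes;
// the client never verifies the signature, the server stays the authority on validity.
function tokenExpiresAt(jwt) {
  const b64 = jwt.split(".")[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64)).exp * 1000;
}

function createAuthClient({ storage, fetchFn, refreshUrl, skewMs = 30000, now = Date.now }) {
  let inFlight = null; // shared promise: concurrent requests trigger a single refresh

  function refresh() {
    if (!inFlight) {
      inFlight = fetchFn(refreshUrl, { method: "POST", credentials: "include" })
        .then(async (res) => {
          if (!res.ok) {
            storage.removeItem("access_token"); // refresh refused: user must log in again
            throw new Error("re-authentication required");
          }
          const { access_token } = await res.json();
          storage.setItem("access_token", access_token);
          return access_token;
        })
        .finally(() => { inFlight = null; });
    }
    return inFlight;
  }

  return async function authFetch(url, options = {}) {
    let token = storage.getItem("access_token");
    // Refresh ahead of expiry (with clock-skew margin) instead of waiting for a rejection.
    if (!token || tokenExpiresAt(token) - skewMs <= now()) token = await refresh();
    const send = (t) =>
      fetchFn(url, { ...options, headers: { ...options.headers, Authorization: `Bearer ${t}` } });
    let res = await send(token);
    // The server rejects any invalid token with 401; refresh and retry exactly once.
    if (res.status === 401) res = await send(await refresh());
    return res;
  };
}
```

In a browser this would be created once with `storage: localStorage` and `fetchFn: fetch.bind(window)`, and every API call would go through the returned `authFetch`.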
