MobileServices.web.js未经授权的api调用
[英]MobileServices.web.js unauthorized api call
问题描述
When I leave my WinJS app dormant for a while and then come back to it, and i click on a button, for some reason my calls to my backend aren't working. 
当我使WinJS应用处于休眠状态一段时间后又回到它,然后单击一个按钮时,由于某种原因,我对后端的调用无法正常工作。
I get an "Unauthorized" error from the server. 我从服务器收到“未经授权”错误。
How do I modify the invokeApi so that it reauthenticates the user or something? 如何修改invokeApi,以便重新验证用户身份?
Does anybody have any experience using mobileservices.web.js and how to keep the end user perpetually logged in without having to reauthenticate themselves? 是否有人在使用mobileservices.web.js方面有任何经验,以及如何使最终用户永久登录而不必重新认证自己?
Thankyou. 谢谢。
client.invokeApi("getTopForumsTotal", {
method: "post"
}).then(function (results) {
// do something
}, function (error) {
WinJS.log(error);
});
I use winjs mobileService to authenticate the user. 我使用winjs mobileService来验证用户身份。
client.login("microsoftaccount").done(function (results) {
// Create a credential for the returned user.
credential = new Windows.Security.Credentials.PasswordCredential("myapp", results.userId, results.mobileServiceAuthenticationToken);
vault.add(credential);
completeDispatcher();
}, function (error) {
WinJS.log(JSON.stringify(error));
errorDispatcher(error);
});
and this is what I use to refresh the end users token. 这就是我用来刷新最终用户令牌的方法。
client._request("GET", "/.auth/refresh", null, null, {
accept: "application/json",
"ZUMO-API-VERSION": "2.0.0"
}, [], (error, response) => {
if (!error) {
var userObject = JSON.parse(response.responseText)
if (userObject.authenticationToken) {
client.currentUser.mobileServiceAuthenticationToken = userObject.authenticationToken;
testCall().done(function (success) {
if (success) {
credential = new Windows.Security.Credentials.PasswordCredential("myapp", userObject.user.userId, userObject.authenticationToken);
vault.add(credential);
authenticated = true;
completeDispatcher();
}
else errorDispatcher('testCall API does not exist');
});
}
else errorDispatcher('no authentication token returned');
}
else errorDispatcher(error);
});
1 个解决方案
解决方案1
1 已采纳 2016-12-26 22:48:45
Instead of wrapping a promise around every API call I just incorporated an idle routine on the client that refreshes the user token when they return to the app as well as refreshes the token every 59 seconds that they are idle. 与其在每个API调用周围都没有包含承诺,我只是在客户端上合并了一个空闲例程,该例程在用户返回应用程序时刷新用户令牌,并在用户空闲时每59秒刷新一次令牌。
So for all intense and purposes they will always have an valid token or perpetual state. 因此,出于所有强烈的目的,它们将始终具有有效的令牌或永久状态。
$(document).idle({
onIdle: function () {
// refresh user token
if (User.Person !== null)
User.Person.reauthenticate().done();
},
onActive: function () {
// when the user returns refresh their token 1 more time
if (User.Person !== null)
User.Person.reauthenticate().done();
},
idle: 59000, // 59 seconds
recurIdleCall: true // will keep refreshing every 59 seconds
});
https://github.com/kidh0/jquery.idle https://github.com/kidh0/jquery.idle
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.