JWT - TOKEN_EXPIRED after second refresh

I am developing an API server with Laravel and tymon/jwt-auth. In the test environment, TTL is 1 min and TTL_REFRESH is 2 min. I don't understand how the following algorithm works:

  1. The user logged in and received a token.
  2. The TTL of the token is expired, but TTL_REFRESH is not. The user sends a request to the server to refresh the token.
  3. The user uses the new token, but has not updated it in time. The token is expired again.
  4. When the user tries to refresh the token a second time (the first time was at step 2), the server sends TOKEN_EXPIRED.

If, after steps 1 and 2, we try to refresh the token while its TTL has not expired, the token will be refreshed. But if we refresh it once after it has expired, then the second time (with an expired token) the server will send TOKEN_EXPIRED to the client.

My question is: why, after the second token update with an expired TTL, does the server not refresh the token but send TOKEN_EXPIRED?

I think the refresh token has been invalidated after first use.

You must use the new refresh token to refresh your JWT token and get a new one.
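A small model of the timeline in the question, as an added example that is not code from the post or from tymon/jwt-auth: it replays steps 1 to 4 with TTL = 1 min and TTL_REFRESH = 2 min and reports what the second refresh returns under two policies. The timestamps (70 s and 140 s), the `carry_iat` switch (an assumption that the refresh window is measured from the original login time) and the error name `TOKEN_BLACKLISTED` are constructed for the illustration.

```python
import itertools

TTL = 60            # access-token lifetime in seconds (the question's 1 min)
REFRESH_TTL = 120   # refresh window in seconds (the question's 2 min)

class RefreshError(Exception):
    pass

class TokenService:
    """Toy model of a single-token refresh flow; not tymon/jwt-auth code."""

    def __init__(self, carry_iat):
        self.carry_iat = carry_iat   # assumption: refreshed token keeps the login's iat
        self.blacklist = set()       # jti values that were already used for a refresh
        self._ids = itertools.count(1)

    def _issue(self, iat, now):
        return {"jti": next(self._ids), "iat": iat, "exp": now + TTL}

    def login(self, now):
        return self._issue(now, now)

    def refresh(self, token, now):
        if token["jti"] in self.blacklist:
            raise RefreshError("TOKEN_BLACKLISTED")   # old token presented again
        if now > token["iat"] + REFRESH_TTL:
            raise RefreshError("TOKEN_EXPIRED")       # refresh window is over
        self.blacklist.add(token["jti"])              # one-time use of each token
        return self._issue(token["iat"] if self.carry_iat else now, now)

def run_timeline(carry_iat, reuse_old_token=False):
    """Replay the question's steps; return the outcome of the second refresh."""
    svc = TokenService(carry_iat)
    first = svc.login(now=0)                  # step 1
    second = svc.refresh(first, now=70)       # step 2: TTL passed, window still open
    candidate = first if reuse_old_token else second
    try:
        svc.refresh(candidate, now=140)       # step 4: new token's TTL passed too
        return "REFRESHED"
    except RefreshError as err:
        return str(err)

if __name__ == "__main__":
    for carry in (True, False):
        for reuse in (False, True):
            print(f"carry_iat={carry} reuse_old={reuse}: {run_timeline(carry, reuse)}")
```

Comparing the four outcomes with what the server actually returns helps tell apart a client that resends the already-used token from a refresh window that ran out.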

Notice: the technical posts on this site are licensed under CC BY-SA 4.0. If you repost this page, please credit this site's URL or the original address. For any questions, contact: yoyou2525@163.com.