堆栈内存溢出
  简体   繁体   English

Auth.currentAuthenticatedUser() 和 Auth.currentSession() 有什么区别?

[英]What is the difference between Auth.currentAuthenticatedUser() and Auth.currentSession()?

 原文  2019-04-18 05:52:26       amazon-cognito/ aws-amplify

问题描述

Prior to every call made to the backend, I used Auth.currentAuthenticatedUser() to obtain idToken.jwtToken and pass it in the header of my request to the backend server for data.在每次调用后端之前,我使用Auth.currentAuthenticatedUser()获取idToken.jwtToken并将其作为请求的标头传递给后端服务器以获取数据。

Is there a difference between using Auth.currentSession() instead of Auth.currentAuthenticatedUser() for my use-case?在我的用例中使用Auth.currentSession()而不是Auth.currentAuthenticatedUser()有区别吗? Does Auth.currentAuthenticatedUser() refresh the token once it has expired, similar to Auth.currentSession() ? Auth.currentAuthenticatedUser()是否会在令牌过期后刷新令牌,类似于Auth.currentSession()

1 个解决方案

解决方案1
 7  2020-11-18 12:29:57

The documentation for amplify auth is still very poor, so I looked into the source code for @aws-amplify/auth and amazon-cognito-identity-js packages and these are the findings: amplify auth 的文档仍然很差,所以我查看了@aws-amplify/authamazon-cognito-identity-js包的源代码,结果如下:

  • currentAuthenticatedUser will try to retrieve authenticated user info from localstorage (unless your storage options is configured otherwise). currentAuthenticatedUser将尝试从 localstorage 检索经过身份验证的用户信息(除非您的存储选项配置为其他方式)。 If it doesn't exist in storage, then it will make api calls to retrieve user info which involves automatically refreshing the user session in the process.如果它不存在于存储中,那么它将进行 api 调用以检索用户信息,这涉及在此过程中自动刷新用户会话。
  • currentSession will not check the local storage and always invoke the API which also involves automatically refreshing the user session if expired. currentSession不会检查本地存储并始终调用 API,如果过期还涉及自动刷新用户会话。

So to answer your question directly, the Auth.currentAuthenticatedUser() method doesn't always give you a valid token.所以直接回答你的问题, Auth.currentAuthenticatedUser()方法并不总是给你一个有效的令牌。 If your storage contains an expired token, it will just return that.如果您的存储包含过期的令牌,它只会返回该令牌。 This would require you to call user.getSession() on the returned user object to request for a new session/token manually.这将要求您在返回的用户对象上调用user.getSession()以手动请求新的会话/令牌。 I recommend that you use Auth.currentSession() since this handles the token refresh automatically and always returns a valid token.我建议您使用Auth.currentSession()因为它会自动处理令牌刷新并始终返回有效令牌。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在另一个组件中登录后如何调用 Auth.currentAuthenticatedUser()? - How to call Auth.currentAuthenticatedUser() after login is made in another component? 用户 object 正在填充,但 Auth.currentSession 返回“未找到用户” - User object is getting populated but Auth.currentSession is returning "No user found" AWS Amplify 中的 currentAuthenticatedUser() 和 currentUserPoolUser() 有什么区别? - what is difference between currentAuthenticatedUser() and currentUserPoolUser() in AWS Amplify? Firebase AngularFireAuth 和 Auth 有什么区别? - What's the difference between Firebase AngularFireAuth and Auth? aws-amplify auth currentSession 不返回当前用户 - aws-amplify auth currentSession returns no current user Firebase auth.onAuthStateChanged((user)=>{}) 与 onAuthStateChanged(auth,(user)=>{}) 之间有什么区别吗? - Is there any difference between Firebase auth.onAuthStateChanged((user)=>{}) vs onAuthStateChanged(auth,(user)=>{})? 为 firebase_auth 隐藏 EmailAuthProvider 的目的是什么? - What is the purpose of hiding EmailAuthProvider for firebase_auth? Flutter Firebase Auth Exception 的错误代码是什么? - what are the error codes for Flutter Firebase Auth Exception? Swift:在应用之间共享 Auth state - Swift: Share Auth state between apps 如何在前端和后端之间持久化 Firebase Auth state? (Firebase 身份验证 + React + Express) - How to persist the Firebase Auth state between front-end and backend ? (Firebase Auth + React + Express)
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM