React.js 如何从 jwt 令牌获取用户角色
[英]React.js how to get user roles from jwt token
问题描述
I'm having a problem with authorization in react.js.
我在 react.js 中遇到授权问题。 I want to store user roles in application context but I don't know how to get them from JWT token.我想在应用程序上下文中存储用户角色,但我不知道如何从 JWT 令牌中获取它们。 I found 3 possible solutions, which one of them is the best?我找到了 3 种可能的解决方案,其中哪一种是最好的?
- encrypt JWT on client side.在客户端加密 JWT。
- one more request to get user roles获取用户角色的另一个请求
- return user roles with jwt token ( something like { token: , roles: } ).返回带有 jwt 令牌的用户角色(类似于 { token: , roles: } )。
Maybe there is some better option that I don't know.也许有一些我不知道的更好的选择。 Thanks for all advices.感谢您的所有建议。
2 个解决方案
解决方案1
0 2020-12-31 03:33:03
- encrypt JWT on client side: don't do that, let the server do the logic.在客户端加密 JWT:不要这样做,让服务器执行逻辑。
- one more request to get user roles: it's okayish, but personally I wouldn't want extra request from client.获得用户角色的另一个请求:没关系,但我个人不希望客户提出额外请求。
- return user roles with jwt token: sure.返回带有 jwt 令牌的用户角色:确定。 You can see more info here Is setting Roles in JWT a best practice?您可以在此处查看更多信息在 JWT 中设置角色是最佳做法吗?
解决方案2
0 2020-12-31 03:58:54
This is the way to do it,这是做到这一点的方法,
return user roles with jwt token ( something like { token: , roles: } ).
but you don't have to do anything, let the backend do the stuff但是你不需要做任何事情,让后端做这些事情
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.