
Log out user when JWT has expired

After successful login I'm storing a JWT in context/localStorage. I have my auth context setup like this. How can I use the token details iat and exp to log the user out once it expires?

Also the refresh limit is hard set at 1.

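import React, { createContext, useContext, useMemo } from "react";
import { Route, Redirect, useHistory } from "react-router-dom";
// TokenContext and useLocalStorage are defined elsewhere in the project (not shown here).

export const UserContext = createContext();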

export function AdminPrivateRoute({ component: Component, ...rest }) {
  const { userInfo } = useContext(UserContext);
  const { token } = useContext(TokenContext);

  /* Token details
    exp: "",
    iat: "",
    jti: "",
    refreshCount: "",
    refreshLimit: "",
    sub: "",
  */

  console.log("userInfo in AdminPrivate", userInfo);
  return (
    <Route
      {...rest}
      render={(props) =>
        userInfo.isLoggedIn ? (
          <Component {...props} />
        ) : (
            <Redirect
              to={{
                pathname: "/login",
                state: { from: props.location },
              }}
            />
          )
      }
    />
  );
}

export function UserProvider({ children }) {
  const history = useHistory();
  const [userInfo, setUserInfo] = useLocalStorage("user", {
    isLoggedIn: false,
    type: "",
    id: "",
    attributes: {
      fullName: "",
      token: "",
    },
  });

  const value = useMemo(() => ({
    userInfo, setUserInfo, logout: user => {
      setUserInfo({
        isLoggedIn: false,
        type: "",
        id: "",
        attributes: {
          fullName: "",
          token: "",
        },
      })
      history.push("/login");
    }
  }), [userInfo])

  return <UserContext.Provider value={value}>{children}</UserContext.Provider>;
}

Basic routing setup

<Router>
  <ResourcesProvider>
    <UserProvider>
      <TokenProvider>
          <Switch>
            <Redirect exact path="/" to="/login" />
            <Route path="/login" component={LoginForm} />
            <AdminPrivateRoute path="/dashboard" component={Dashboard} />
          </Switch>
      </TokenProvider>
    </UserProvider>
  </ResourcesProvider>
</Router>

Like bravemaster said, you normally don't need to decode a token just for the expiry time of the token.
A token can become invalid when it expires or when it gets invalidated by the auth provider.
Typically your server application should validate the token on each request. If it's invalid it should send an HTTP 403 status to the client.
That 403 status you can handle on your client: you can either request a new auth-token with your refresh token or you can redirect the user to a login page or log out the user.
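The following is an added example, not part of the original question or answer: it combines the 403 handling described above with the exp, refreshCount and refreshLimit claims listed in the question. The function names and the sample token are assumptions made for illustration; the payload is decoded without signature verification, so the server's per-request validation remains the authority.

```javascript
// Added example: client-side handling of the exp / refreshCount / refreshLimit claims.
// The payload is decoded WITHOUT signature verification, so the result only drives UI
// timing; the server's per-request validation stays the authority.
const MAX_TIMEOUT_MS = 2 ** 31 - 1; // setTimeout overflows above this (~24.8 days)

function decodeJwtPayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  try {
    return JSON.parse(atob(b64 + "=".repeat((4 - (b64.length % 4)) % 4)));
  } catch {
    return null; // malformed token: callers treat it as expired
  }
}

// Milliseconds until exp (seconds since epoch, RFC 7519); 0 if expired or unreadable.
function msUntilExpiry(token, nowMs = Date.now()) {
  const payload = decodeJwtPayload(token);
  const exp = payload ? Number(payload.exp) : NaN;
  if (!Number.isFinite(exp) || exp <= 0) return 0;
  return Math.max(0, exp * 1000 - nowMs);
}

// What to do after a response: "ok", "refresh" (refreshes remain), or "logout".
function actionFor(status, token, nowMs = Date.now()) {
  const payload = decodeJwtPayload(token);
  if (!payload) return "logout";
  if (status !== 403 && msUntilExpiry(token, nowMs) > 0) return "ok";
  return Number(payload.refreshCount) < Number(payload.refreshLimit) ? "refresh" : "logout";
}

// Arms a timer that calls logout() at expiry; returns the id for clearTimeout in cleanup.
// Tokens living longer than the setTimeout cap are logged out at the cap (fails closed).
function scheduleLogout(token, logout, nowMs = Date.now()) {
  return setTimeout(logout, Math.min(msUntilExpiry(token, nowMs), MAX_TIMEOUT_MS));
}

// Constructed sample token (placeholder signature), for demonstration only.
function sampleToken(claims) {
  const enc = (obj) =>
    btoa(JSON.stringify(obj)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return `${enc({ alg: "HS256", typ: "JWT" })}.${enc(claims)}.constructed-signature`;
}
```

In a React provider, scheduleLogout would be called from a useEffect keyed on the token, with clearTimeout on the returned id in the cleanup function.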
