angular 验证 Jwt 令牌
[英]angular validate Jwt Token
问题描述
I have a public and private key to create a JWT token.
我有一个公钥和私钥来创建一个 JWT 令牌。 With the private key, I create a JWT token, and with the public key, I check the validity of the token.使用私钥,我创建一个 JWT 令牌,并使用公钥检查令牌的有效性。 To create a token on the server side, I use the following code:要在服务器端创建令牌,我使用以下代码:
Jwts.builder()
.setHeaderParam("typ","JWT")
.claim("email", userPrincipal.getEmail())
.claim("roles", roleList)
.setIssuedAt(new Date())
.setExpiration(new Date(new Date().getTime() + jwtExpirationMs))
.signWith(getPrivateKey(), SignatureAlgorithm.RS512)
.compact();
To check the validity of the token on the server side, I use the public key and the following code:为了检查服务器端令牌的有效性,我使用公钥和以下代码:
Jwts.parserBuilder().setSigningKey(getPublicKey()).build().parseClaimsJws(jwtString);
Now my task is to check the validity of the token on the Angular client side.现在我的任务是在 Angular 客户端检查令牌的有效性。
Please tell me how can this be done?请告诉我如何做到这一点?
1 个解决方案
解决方案1
0 2022-09-10 12:31:02
I don't think you should check it on the client side!我认为您不应该在客户端检查它!
Set your JWT token as an HttpOnly cookie so that future requests from the client side have the token as a cookie and you can evaluate the token on the server for each request.将您的 JWT 令牌设置为HttpOnly cookie,以便将来来自客户端的请求将令牌作为 cookie,并且您可以为每个请求评估服务器上的令牌。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.