[英]Angular 6 change JWT token before remake request after token update
我在令牌过期时使用JWT身份验证结束(后端检查它)我必须调用刷新令牌API并重新启动最后一次调用失败,因为过期的令牌。
我已经有了拦截器,但我必须在发出请求之前更新身份验证标头,我必须等待refreshToken
调用。
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
const { shouldRetry } = this;
return next.handle(request).pipe(
retryWhen(genericRetryStrategy({
shouldRetry
})),
catchError(err => {
//401 the token is invalid so I have to refresh it
if (err.status === 401) {
this.auth.refreshToken().subscribe(
(apiResult: SessionTokenResponse) => {
this.auth.saveToken(apiResult.token);
},
error => this.auth.logout()
);
request = request.clone({headers: request.headers.set('Authorization', 'Bearer ' + this.auth.getSessionToken)});
return next.handle(request);
}
const error = err.error.message || err.statusText;
return throwError(error);
}),
)
}
这是重拍电话的正确方法吗? 我怎么能等到refreshToken
结束? 谢谢
编辑:我更新了这个似乎有效的代码,我正在测试它
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
const { shouldRetry } = this;
return next.handle(request).pipe(
retryWhen(genericRetryStrategy({
shouldRetry
})),
catchError(err => {
//401 the token is invalid so I have to refresh it
if (err.status === 401) {
this.auth.refreshToken().subscribe(
(apiResult: SessionTokenResponse) => {
this.auth.saveToken(apiResult.token);
request = request.clone({ headers: request.headers.set('Authorization', 'Bearer ' + apiResult.token) });
next.handle(request).subscribe();
},
err => this.auth.logout()
);
}else{
const error = err.error.message || err.statusText;
return throwError(error);
}
}),
)
}
如果我的问题很好,您可以使用async
等待刷新令牌,您可以检查当前令牌的访问权限,或者如果它在CanActivate
无效则刷新它顺便说一句,在每个请求上,它都会检查Access for token而不需要在interceptor
添加其他代码
在auth服务
async isAuthenticated(){
const response = await this.auth.refreshToken().toPromise();
return response;
}
在CanActivate
async canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
this.authenticated= await this.Service.isAuthenticated();
if(this.authenticated) {
this.auth.saveToken(apiResult.token);
return true;
}
else
this.auth.logout();
// navigate to login
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.