Hello:
There is a problem about using the JWT/token login,
Login process is as follows: if the user is not login, will jump to the login. The HTML page, but the login. The login/login in HTML to send ajax to the background, the background using the user name password generated after token in the response header, and then the login. The HTML again through ajax callback function get response headers, put it in the localstrory, again through the windows.location.href=https://bbs.csdn.net/index login successful,
Written on the access token, please login process, process ok?
Token expired, for example, after refresh token, how about the front access again?
Hope to see a recovery following trouble, thanks

CodePudding user response:

To ensure that you can, front right for save the token process details are

The background to authentication token
Front end sends a request with the token, backend authentication token expired, redirect to illegal page, guide the user to log in or to access token (such as dynamic password)

CodePudding user response:

Need is background the refresh token, the token again into the response headers, by the front end once again

CodePudding user response:

Yes, need to save to the front

CodePudding user response:

The back-end generated token setup again to respond to head back to the front? The front is not received

CodePudding user response:

Always don't see how the front desk again after the refresh token process, front-end interceptor access or are there? And don't know much about it

CodePudding user response:

You how the front end of the call back?
The front-end (request) - & gt; The background (token fails, the refresh token) return (response) - & gt; The front (to get the response, save token)

CodePudding user response:

refer to 6th floor qybao response:

you how the front end of the call back?
The front-end (request) - & gt; The background (token fails, the refresh token) return (response) - & gt; The front (to get the response, save token)

Token is not the time to log in the front-end access to save? Like you don't have to save every time after the request token to cover the front before save the token? Don't know whether my understanding is correct, if every time to obtain token is too cumbersome

CodePudding user response:

refer to 7th floor KevinZhan1989 response:

token is not the time to log in the front-end access to save? Like you don't have to save every time after the request token to cover the front before save the token? Don't know whether my understanding is correct, if every time to obtain token is too cumbersome

Failure will refresh token, not refresh every time (can redirect to explicitly token refresh the page (like redirected to the login screen), or implicit internal automatic updates)

CodePudding user response:

Zuul know..