Question 1: token is every time the user open the client USES the account password, the server will generate a new token to the client, and then set a token expiration time, behind the request with this token, what role the token expired time, please? During this time can't be in the user use expired?
Question 2: token is generated in account for the first time, the user password after login, and then set a token expiration time, then the user for the second time open the client USES the stored token to log in, and then determine the token server time have expired (here have reflected the token expired time), with understanding, find information server will be on each request token judgement and judgement expiration time, if the wrong token or expired, returned to forced back to the login screen, and the thing: games, for example, assume that the user is playing games, playing a game when a client needs to constantly send the request, said each request with a token, in front of the token at this time of time suddenly expired, then don't force users are playing a game of exit to the login screen?
Comprehensive above,
Question 1 token expiration time use? , as long as the user login the last token is useless, and expiration time?
Question 2 although withdrawal token expiration time use, but the user in normal use may be forced out, I don't know how to deal with it?
CodePudding user response:
Token expired, usually in order to prevent others using your mobile phone, such as many app need to login again, especially involving money, but if you are automatically in token, that may be you are think it's no use, and token expired can also prevent caughtCodePudding user response:
Call interface, can prevent others, token can also be used to identify the user, so that you don't have to preach id in the interface,,CodePudding user response: