Javascript 发布/刷新api返回';未经授权';
我是刷新令牌的新手,无法使我的应用程序正常工作。一旦JWT_令牌过期,我就无法连接到刷新api路由来刷新令牌。我得到一个错误: 加载资源失败:服务器响应状态为401(未授权) 我想不出是怎么回事 以下是我的一些代码:Javascript 发布/刷新api返回';未经授权';,javascript,angular,jwt,interceptor,Javascript,Angular,Jwt,Interceptor,我是刷新令牌的新手,无法使我的应用程序正常工作。一旦JWT_令牌过期,我就无法连接到刷新api路由来刷新令牌。我得到一个错误: 加载资源失败:服务器响应状态为401(未授权) 我想不出是怎么回事 以下是我的一些代码: refreshToken() { return this.http.post<any>(environment.apiBaseUrl + '/refresh', { 'refreshToken': this.getRefreshToken()
refreshToken() {
return this.http.post<any>(environment.apiBaseUrl + '/refresh', {
'refreshToken': this.getRefreshToken()
}).pipe(tap((tokens: Tokens) => {
console.log('token', tokens);
this.storeJwtToken(tokens.jwt);
}));
}
刷新令牌服务必须打开,因为您检查了过期令牌和未经授权的错误Raisaed 刷新令牌服务仅获取旧令牌并返回新的有效令牌。它应该跳过对过期令牌的检查
查看更多信息我不明白你所说的开放是什么意思。此外,如果我这样做,我将能够从API获取数据?如果您在当前令牌到期之前刷新令牌(例如每个调用续订令牌),则所有内容都将写入,但如果您在令牌到期后刷新,则意味着您无法使用当前令牌调用授权服务,那么您必须调用未受保护的服务来刷新令牌
module.exports.refresh = (req, res, next) => {
const refreshToken = req.body.refreshToken;
if (refreshToken in refreshTokens) {
/* Possible error in assignment */
const user = {
'email': refreshTokens[refreshToken].email,
'fullName': refreshTokens[refreshToken].fullName
}
const token = jwt.sign(user, 'anything', {expiresIn: 2000});
res.json({jwt: token})
}
else {
res.sendStatus(401);
}
}
private handle401Error(request: HttpRequest<any>, next: HttpHandler) {
if (!this.isRefreshing) {
this.isRefreshing = true;
this.refreshTokenSubject.next(null);
console.log('good');
return this.authService.refreshToken().pipe(
switchMap((token: any) => {
console.log('token', token);
this.isRefreshing = false;
this.refreshTokenSubject.next(token.jwt);
return next.handle(this.addToken(request, token.jwt));
}));
} else {
return this.refreshTokenSubject.pipe(
filter(token => token != null),
take(1),
switchMap(jwt => {
return next.handle(this.addToken(request, jwt));
}));
}
}
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
if (this.authService.getJwtToken()) {
request = this.addToken(request, this.authService.getJwtToken());
console.log("Request:", this.addToken(request, this.authService.getJwtToken()));
console.log("Request:", request, this.authService.getJwtToken());
}
return next.handle(request).pipe(catchError(error => {
if (error instanceof HttpErrorResponse && error.status === 401) {
console.log('TM Error 401', error);
return this.handle401Error(request, next);
} else {
console.log('TM Error else', error);
return throwError(error);
}
}));
}
exports.verifyJwtToken = (req, res, next) => {
if ('authorization' in req.headers) {
const token = req.headers['authorization'].split(' ')[1];
console.log('token', token);
jwt.verify(token, '*****',
(err, decoded) => {
if (err) {
console.log(err);
res.status(401).send({ auth: false, message: 'Token authentication failed.' });
}
else {
console.log(decoded);
req.user = decoded;
console.log("req.user", req.user);
next();
}
})
} else {
res.status(403).send({ auth: false, message: 'No token provided.' });
}
}