Angular 5 Http拦截器刷新JWT token

标签 angular angular5 angular-http-interceptors

我已经实现了 token 保存、检索的逻辑,并且还进行了刷新调用。问题是,当我在 HttpInterceptor 中拦截 403 时,同时进行的其他调用也会刷新 token 。我很乐意保留这些电话,直到我的 token 被刷新。创建我称之为请求“信号量”的东西。

@Injectable()
export class TokenInterceptor implements HttpInterceptor {

private auth: AuthService;

constructor(private injector: Injector) {
}

intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    this.auth = this.injector.get(AuthService);

    if(this.auth.isAuthenticated()){
        request = request.clone({
            setHeaders: {
                Accept: 'application/json',
                Authorization: `Bearer ${localStorage.getItem('access_token')}`
            }
        });
    } else {
        request = request.clone({
            setHeaders: {
                Accept: 'application/json'
            }
        });
    }

    return next.handle(request).catch(error => {
        if (error.status === 401) {
            console.log('refreshing token');

            // TODO: return Refresh Token here and hold other calls
        }

        return Observable.throw(error);
    });
}

最佳答案

好吧,我无法设置环境来测试此逻辑是否正常工作,但我尽力了:

你的拦截器应该是这样的:

@Injectable()
export class TokenInterceptor implements HttpInterceptor {

  private auth: AuthService;

  constructor(private injector: Injector) {
    this.auth = this.injector.get(AuthService);
  }

  setHeaders(request) {
    return function (token) {
      return request.clone({
        setHeaders: {
          Accept: 'application/json',
          Authorization: `Bearer ${token}`
        }
      });
    }
  }

  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    return this.auth
      .getToken()
      .map(this.setHeaders(request))
      .mergeMap(next.handle)
      .catch(error => {
        if (error.status === 401) {
          return this.auth.refreshToken()
            .map(this.setHeaders(request))
            .mergeMap(next.handle);
        }
        return Observable.throw(error);
      });
  }

}

还有你的 AuthService:

@Injectable()
export class AuthService {

  private refreshTokenCall;

  saveTokenInLocalStorage(token) {
    localStorage.setItem('access_token', token);
  }

  getToken() {
    if (localStorage.getItem('access_token')) {
      return Observable.of(localStorage.getItem('access_token'));
    }

    return this.refreshToken();
  }

  refreshToken() {
    if (!this.refreshTokenCall) {
      this.refreshTokenCall = this.http.get(refreshTokenURL)
        // Maybe a .map() here, it depends how the backend returns the token
        .do(this.saveTokenInLocalStorage)
        .finally(() => this.refreshTokenCall = null);
    }
    return this.refreshTokenCall;
  }

}

希望对你有所帮助。

关于Angular 5 Http拦截器刷新JWT token ,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48060749/

上一篇:angular - 我应该取消订阅 react 形式的 valueChanges 吗?

下一篇:angular - 如何将内容投影到 mat-table 列

相关文章:

html - 切换/切换动态创建的组件

Angular2更新表单控件值

javascript - 使用 Angular 模板语法传递 SVG 路径

angular - ngStyle 与指令调用函数之间的性能

angular - Ionic 4/Angular 6 - 使用拦截器在 401/403 上重定向登录页面

带有选择多个的 Angular 2 FormBuilder

angular5 - 根据选择另一个 p-dropdown PrimeNG 禁用 p-dropdown

angular - 在没有包装器 ViewChild 的情况下从组件代码访问 ng-content

javascript - 如何从 $httpProvider 拦截器的 'reponse' 函数抛出错误

angular - HttpInterceptor 重构错误信息

©2024 IT工具网  联系我们