记录最近做的用户登录
问题1:我刷新页面的时候,怎么知道是否已经登录了,并且调用任何一个接口的时候,如何识未登录状态,跳转到登录界面
解决:
1.输入用户名和密码,调用登录接口
2.登录成功,接口返回有效token,将这个有效token存到本地
3.调用所有接口的时候都把token(Authorization)放在header里,传给后端
//Request Headers
/*
Accept: application/json, text/plain,
Accept-Encoding: gzip, deflate, br
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8
Authorization: token eyJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl9jcmVhdGVfdGltZSI6MTU4NTIwODI5NTA4Miwic3ViIjoiZmVpZmVpMTIzIiwidG9rZW5fdXNlcl9uYW1lIjoiZmVpZmVpMTIzIiwiZXhwIjoxNTg2NDE3ODk1LCJ0b2tlbl91c2VyX3Bhc3N3b3JkIjoiJDJhJDEwJE5hdVUyMHpya2lkMS54NWlJOEtENU82Um9IL1RobTVVVkwxTUhqdm9BTnJjb0ZxRTBCZXBTIn0.bO0R9NlT0NDhH4veFeJGkx60T-fxgZALFqOb-LzzVoWwGNqJgkpsHWp1AZatgFwXOqoPt-zFRdHc6EofoVbmHA
*/
//axios中这样写
axios.interceptors.request.use( config => {
config.headers.Authorization = `token ${localStorage.JWT_TOKEN}`;
return config;
})
问题2:上一个问题解决了,那么下一个问题,这个token 的有效期怎么设置呢,假设后端设置有效期为两个小时,也就是说这个token生成之后两个小时就失效了,那么如果我正在操作页面,两个小时到了,token失效了,突然从正在的页面跳转到登录页面,尴尬不~
解决:
每次调用接口的时候,后端都在response里面带一个新的token过来,我们只需要获取这个新token,替换本地旧的token,放在接口的header里传给后端就可以辣
//Response Headers
//refresh_token是后端传过来的新token
/*
access-control-expose-headers: Authorization
connection: close
content-encoding: gzip
content-type: application/json;charset=UTF-8
date: Thu, 26 Mar 2020 07:46:35 GMT
refresh_token: eyJhbGciOiJIUzUxMiJ9.eyJ0b2tlbl9jcmVhdGVfdGltZSI6MTU4NTIwODc5NTM3Nywic3ViIjoiZmVpZmVpMTIzIiwidG9rZW5fdXNlcl9uYW1lIjoiZmVpZmVpMTIzIiwiZXhwIjoxNTg2NDE4Mzk1LCJ0b2tlbl91c2VyX3Bhc3N3b3JkIjoiJDJhJDEwJE5hdVUyMHpya2lkMS54NWlJOEtENU82Um9IL1RobTVVVkwxTUhqdm9BTnJjb0ZxRTBCZXBTIn0.d340ZLjMLSDbvemo40eJ6L-xZX1gpokIWh03_BuyF2ZSJZsicxRRUI7-L6aoSQhie86h1G8qlp4iArLlDusNWQ
transfer-encoding: chunked
*/
axios.interceptors.response.use( response => {
// 更新token
localStorage.setItem('JWT_TOKEN', response.headers.refresh_token);
})
