我正在使用django-rest-framework-jwt和react-redux作为我的SPA。
需要在5分钟内到期的刷新令牌。刷新在5分钟内工作。在它不工作后,控制台显示此错误:
POST http://localhost:8000/auth/api-token-refresh/ 400 (Bad Request)
createError.js:17 Uncaught (in promise) Error: Request failed with status code 400
at createError (createError.js:17)
at settle (settle.js:19)
at XMLHttpRequest.handleLoad (xhr.js:78)Postman 说:
{
"non_field_errors": [
"Signature has expired."
]
}中间件的代码
import axios from "axios";
import * as urls from "../helpers/url";
import { authUpdateToken } from "../actions/auth";
const jwthunk = ({ dispatch, getState }: any) => (next: any) => (action: any) => {
if (typeof action === 'function') {
if (getState().auth && getState().auth.token) {
const currentToken = getState().auth.token;
verifyToken(currentToken)
.then((tokenVerified: any) => {
refreshToken(tokenVerified, dispatch)
})
.catch(() => {
refreshToken(currentToken, dispatch)
})
} else {
console.log('Not Auth');
}
}
return next(action);
}
export default jwthunk;
const verifyToken = async (token: any) => {
const body = { token };
let verifiedToken = '';
await axios.post('http://localhost:8000/auth/api-token-verify/', body)
.then(({ data: { code, expires, token } }: any) => {
verifiedToken = token;
});
return verifiedToken;
}
const refreshToken = async (token: any, dispatch: any) => {
const body = { token }
await axios.post('http://localhost:8000/auth/api-token-refresh/', body)
.then((response: any) => {
dispatch(authUpdateToken({ token }));
})
}django-rest-framework-jwt发送一个唯一的token,不带refresh-token
1条答案
按热度按时间hec6srdp1#
我认为图书馆有一个缺陷。您无法刷新过期令牌。
1)在你的代码中做一个猴子补丁(检查下面的提交代码)https://github.com/jpadilla/django-rest-framework-jwt/pull/348
2)切换到其他库
3)你需要在你的应用程序中运行一个计时器(前端),并在到期前每5分钟请求一次访问令牌。(这不是理想的方式)