我有这个函数可以创建令牌并且它有到期时间:
private string CreateJWT(User user)
{
var secretKey = configuration.GetSection("AppSettings:Key").Value;
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
var claims = new Claim[] {
new Claim(ClaimTypes.Name, user.Username),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
var signingCredentials = new SigningCredentials(
key, SecurityAlgorithms.HmacSha256Signature);
var tokenDescriptor = new SecurityTokenDescriptor{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.UtcNow.AddMinutes(1),
SigningCredentials = signingCredentials
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
在登录控制器中,我正在分配令牌:
loginRes.Token = CreateJWT(user);
现在在我的应用程序中如何检查令牌是否过期?如果过期了,如何在没有用户交互的情况下注销用户?
我尝试过以下方法:
ngOnInit() {
this.token = localStorage.getItem("token");
if (this.token.expired !== true)
{
localStorage.removeItem("token");
this.router.navigate(["user/login"]);
}
token.expired 未定义。
我通过向事件添加计时器找到了解决方案:
this.token = localStorage.getItem("token");
timer(0, 600000).subscribe(() => {
const parseJwt = (this.token);
const decode = JSON.parse(atob(this.token.split('.')[1]));
console.log(decode);
if (decode.exp * 1000 < new Date().getTime())
{
localStorage.removeItem('token');
localStorage.removeItem('chosenfolder');
localStorage.removeItem('userName');
localStorage.removeItem('isAdmin');
localStorage.removeItem('userId');
this.router.navigate(["user/login"]);
this.alertify.error("Session Expired!")
}