我正在尝试找出最好的方法是自动注销用户并在令牌过期后重定向到登录名。我是新来处理过期令牌的人,我想看看是否能在可能的方向上获得一些帮助,以创建此令牌(例如,它应该是某种中间件还是某种动作?) 。就操作和中间件而言,我的代码看起来像这样...
actions / actions.js
export const LOGIN_START = "LOGIN_START";
export const LOGIN_SUCCESS = "LOGIN_SUCCESS";
export const LOGIN_ERROR = "LOGIN_ERROR";
export const login = (creds, history) => (dispatch) => {
dispatch({ type: LOGIN_START });
axiosWithAuth()
.post(`/auth/login`, creds)
.then((res) => {
console.log(res);
setTimeout(() => {
localStorage.setItem("token", res.data.token);
localStorage.setItem("user_id", res.data.signIn.id);
localStorage.setItem("username", res.data.signIn.username);
setTimeout(() => {
dispatch({ type: LOGIN_SUCCESS });
history.push(`/users/${res.data.signIn.username}`);
}, 1000);
}, 1000);
})
.catch((err) => {
dispatch({ type: LOGIN_ERROR });
console.log(err);
});
};
export const SIGNUP_START = "SIGNUP_START";
export const SIGNUP_SUCCESS = "SIGNUP_SUCCESS";
export const SIGNUP_ERROR = "SIGNUP_ERROR";
export const signup = (creds, history) => (dispatch) => {
dispatch({ type: SIGNUP_START });
axiosWithAuth()
.post(`/auth/register`, creds)
.then((res) => {
console.log(res);
setTimeout(() => {
dispatch({ type: SIGNUP_SUCCESS });
localStorage.setItem("token", res.data.token);
localStorage.setItem("user_id", res.data.reg.id);
localStorage.setItem("username", res.data.reg.username);
history.push(`/users/${res.data.reg.username}`);
}, 1000);
})
.catch((err) => dispatch({ type: SIGNUP_ERROR }));
};
export const LOGOUT = "LOGOUT";
export const logout = (history) => (dispatch) => {
dispatch({ type: LOGOUT });
localStorage.removeItem("token");
localStorage.removeItem("user_id");
localStorage.removeItem("username");
history.push("/login");
};
中间件/受限中间件
const jwt = require('jsonwebtoken');
const secret = require('../data/secret');
module.exports = (req, res, next) => {
const token = req.headers.authorization;
if (req.decodedJwt) {
next();
} else if (token) {
jwt.verify(token, secret.jwtSecret, (err, decodedJwt) => {
if (err) {
res.status(401).json({ message: 'You need to sign in!', err });
} else {
req.decodedJwt = decodedJwt;
next();
}
})
} else {
res.status(401).json({ message: 'You need to sign in!' })
}
};
如果需要显示另一个文件,请告诉我
我将使用setTimeout来调用注销函数,该函数清除用户相关信息的本地存储。在我的示例中,我删除了令牌,userId和令牌到期时间。在我的情况下,时间以秒为单位,因此乘以1000乘以ms。具有操作类型的return语句供减速器清除登录状态。您可以根据需要摆脱它。
export const logOut = (time) => {
return (dispatch) => {
setTimeout(() => {
dispatch(authLogout());
}, time * 1000);
};
};
export const authLogout = () => {
localStorage.removeItem("token");
localStorage.removeItem("userId");
localStorage.removeItem("expirationDate");
return {
type: actionTypes.AUTH_LOGOUT,
};
};