carries access_token
and refresh_token
if access_token
expires, the new access_token
will be obtained according to refresh_token
, and then the expiration time of refresh_token
will be updated!
but there is a question! How do I write to the client after getting a new access_token
?
such as scene
user requests an order list after logging in for a period of time ( access_token
has expired).
but due to access_token
has expired when requesting an order list! So get a new token according to refresh_token
!
We block the request for the order list and let it get the new access_token
and return a specific status code! According to the judgment status code, the client determines whether to write access_token
?
according to the agreed status code. In this case, what should I do if the request for the order list is gone?
do you have a big answer to what you feel like a mess? (there is a reward)
there is a train of thought at present
at the time of the request, determine whether the token expires, if not, continue the request;
if there is an expiration, detect refresh_token
whether it expires; if it also expires, let the user log in again!
if token
expires but refresh_token
sets the expiration time of the new Token update refresh_token
in the middleware; the request continues and adds the token field to the returned json!
{
"status": 1,
"msg": "",
"data":[
//
],
"token" :"xxxxxxxxxxxxx" //token
in the client response interceptor
, if there is a token
field in the returned object, replace the old token
!
I wonder if this is feasible?