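I use two JWT tokens: a refresh token (expires after 7 days) and an access token (expires after 15 minutes). They are stored in httpOnly cookies and can be accessed by the server. The refresh method signs a new token and stores it in a cookie. I need to check after every request whether these tokens have expired, like this: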

    import { Injectable } from '@angular/core';
    import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
    import { Observable, of } from 'rxjs';
    import { mergeMap } from 'rxjs/operators';

    @Injectable()
    export class AuthInterceptor implements HttpInterceptor {
      constructor(private authService: AuthService, private cookieService: CookieService) { }

      intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
        const expirationToken = this.cookieService.get('tokenexp'); // access token expiration
        const expirationTokenRefresh = this.cookieService.get('tokenrefexp'); // refresh expiration

        // refresh token -> access token -> original request
        return of(Number(expirationTokenRefresh) < Date.now()).pipe(
          mergeMap(expire => expire
            ? this.authService.refreshTokenRefresh()
            : of(Number(expirationToken) < Date.now())
          ),
          mergeMap(expire => expire
            ? this.authService.refreshToken()
            : of(true)
          ),
          mergeMap(ok => next.handle(req.clone({ withCredentials: true })))
        );
      }
    }

    // auth service (methods of AuthService)
    refreshToken() {
      return this.http.get(`${BACKEND_URL}/refreshtoken`);
    }

    refreshTokenRefresh() {
      return this.http.get(`${BACKEND_URL}/refreshtokenref`);
    }

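I can send one request to refresh one token, then another request to refresh the second token, and finally the original request with the updated cookies. In short, I may need to send requests before the original request.

The problem is: every time a request is made, the request loops back into AuthInterceptor. Requests one and two (the token requests) should not invoke AuthInterceptor.

Posted on 2018-10-15 14:34:38

If the request URL is for a token, do a conditional check to skip the interceptor.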

    import { Injectable } from '@angular/core';
    import { HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http';
    import { Observable, of } from 'rxjs';
    import { mergeMap } from 'rxjs/operators';

    @Injectable()
    export class AuthInterceptor implements HttpInterceptor {
      constructor(private authService: AuthService, private cookieService: CookieService) { }

      intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
        // Token refresh requests pass straight through, so they cannot trigger another refresh
        if (req.url === `${BACKEND_URL}/refreshtoken` || req.url === `${BACKEND_URL}/refreshtokenref`) {
          return next.handle(req.clone({ withCredentials: true }));
        }

        const expirationToken = this.cookieService.get('tokenexp'); // access token expiration
        const expirationTokenRefresh = this.cookieService.get('tokenrefexp'); // refresh expiration

        // refresh token -> access token -> original request
        return of(Number(expirationTokenRefresh) < Date.now()).pipe(
          mergeMap(expire => expire
            ? this.authService.refreshTokenRefresh()
            : of(Number(expirationToken) < Date.now())
          ),
          mergeMap(expire => expire
            ? this.authService.refreshToken()
            : of(true)
          ),
          mergeMap(ok => next.handle(req.clone({ withCredentials: true })))
        );
      }
    }

    // auth service (methods of AuthService)
    refreshToken() {
      return this.http.get(`${BACKEND_URL}/refreshtoken`);
    }

    refreshTokenRefresh() {
      return this.http.get(`${BACKEND_URL}/refreshtokenref`);
    }

I have to agree with @新安: interceptors can sometimes be a bigger problem. Creating your own HTTP service may be better.
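
    import { HttpClient } from '@angular/common/http';
    import { map, mergeMap } from 'rxjs/operators';

    class HttpService {
      constructor(private _http: HttpClient) { }

      // Runs the token request first, then hands the original url/options on.
      // tokenUrl is the token endpoint and must be defined elsewhere.
      preIntercept(url, options) {
        return this._http.get(tokenUrl).pipe(
          map(res => {
            // do your stuff
            return { url, options };
          })
        );
      }

      get(url, options = {}) {
        return this.preIntercept(url, options).pipe(
          mergeMap(({ url, options }) => this._http.get(url, options))
        );
      }
    }

https://stackoverflow.com/questions/52781145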
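
The skip check from the first answer above, as an added framework-free example (not code from either post): it models the interceptor with plain Promises so it runs without Angular, matches the two refresh endpoints by origin and path instead of exact string equality, and lets concurrent requests share one in-flight refresh. The `BACKEND_URL` value and the names `isRefreshCall`, `Send`, `Expiry` and `makeInterceptor` are assumptions made for the illustration.

```typescript
// Constructed stand-in for the page's BACKEND_URL.
const BACKEND_URL = 'https://api.example.test';
const REFRESH_PATHS = new Set(['/refreshtoken', '/refreshtokenref']);

// True only for the two refresh endpoints on the backend origin,
// ignoring query string and trailing slash (a plain === would miss those).
function isRefreshCall(url: string): boolean {
  const u = new URL(url, BACKEND_URL);
  const path = u.pathname.replace(/\/+$/, '');
  return u.origin === new URL(BACKEND_URL).origin && REFRESH_PATHS.has(path);
}

// Hypothetical transport: stands in for next.handle(req) / HttpClient.
type Send = (url: string) => Promise<string>;

// Expiry timestamps in ms, as read from the 'tokenexp' / 'tokenrefexp' cookies.
interface Expiry { access: number; refresh: number; }

function makeInterceptor(send: Send, exp: Expiry, now: () => number = Date.now) {
  let inFlight: Promise<void> | null = null; // one refresh shared by all callers

  // Same order as the page: refresh token -> access token.
  async function refresh(): Promise<void> {
    const refreshExpired = exp.refresh < now();
    if (refreshExpired) await intercept(`${BACKEND_URL}/refreshtokenref`);
    if (refreshExpired || exp.access < now()) {
      await intercept(`${BACKEND_URL}/refreshtoken`);
    }
  }

  async function intercept(url: string): Promise<string> {
    const expired = exp.access < now() || exp.refresh < now();
    // Refresh calls re-enter here, as they do in Angular; the skip check
    // is what stops them from triggering another refresh.
    if (!isRefreshCall(url) && expired) {
      if (!inFlight) {
        inFlight = refresh().finally(() => { inFlight = null; });
      }
      await inFlight;
    }
    return send(url);
  }
  return intercept;
}
```
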