Some personal records of Token

Keywords: network Vue JSON

Token: In computer identity authentication, it means token (temporary) and in lexical analysis it means token. Generally used as an invitation and login system.

Token is a token used to authenticate first. Secondly, its existence is time-limited, expired, and it can store some information in token. It can transfer and verify some user information.

The above is my understanding of token, the following is my specific use in the project.

First of all, background: in this project, there are small program ends, WebService interface ports, and vue background management terminals.

How to use it?

In this project, I put token in Request Headers. I only provide myself here. There are many concrete examples on the Internet.

WeChat terminal:

      header: {
                  'Content-Type': 'application/json',
                  "Authentication-Token": that.globalData.userInfo.token
                },

web terminal:

      if(store.state.user.token){
        config.headers.common['Authentication-Token']=store.state.user.token
      }

 

Server side:

        String token = request.getHeader("Authentication-Token");

How to deal with expiration?

End: when the identity expires, call the login interface again to get token and send the last network request again to ensure user experience. (Encapsulable network requests, unified processing)

            requestObj.resolve = resolve;
            promiseQueue.push(requestObj); //If the request fails, put the request on the promise queue and call it again after updating token.
            if (!that.globalData.needBeginLogin) { //If you don't need to log in again
              return;
            }
            //Prevent repeated calls to login.
            that.globalData.needBeginLogin = false;
            that.login(() => { //Execute callbacks after getting token
              //Call promise in the queue once after re-login; and set the queue as a cyclic state.
              let promiseQueueItem = promiseQueue.shift();
              if (promiseQueueItem) {
                that.globalData.exeQueue = true;
                that.promiseRequest(promiseQueueItem);
                that.globalData.promiseQueue = promiseQueue;
              }
            }, true)


web side: When the identity expires, return directly to the landing page.

       logout(state.token).then(() => {
          commit('setToken', '')
          commit('setAccess', [])
          resolve()
        }).catch(err => {
          reject(err)
        })


Server side: Judge directly in filter and call back directly if it expires.

        String token = request.getHeader("Authentication-Token");
                    if (!JwtUtil.verify(token)) {
                        response.setStatus(601);
                        return false;
                    }

The above is just a record of my personal use as a sprout. They are all code fragments, providing only one way of thinking.

Posted by veluit06 on Mon, 07 Oct 2019 04:21:25 -0700