使用拦截器刷新令牌

Question

const accessExpired = this.authService.isAccessTokenExpired();
const refreshExpired = this.authService.isRefreshTokenExpired();

如何在拦截器中获取accessExpired和refreshExpired对象

拦截器

import { Injectable } from '@angular/core';
import { HttpRequest, HttpHandler, HttpEvent, HttpInterceptor } from '@angular/common/http';

import { Observable, BehaviorSubject, Subject } from 'rxjs';
import { switchMap, take, filter, tap } from 'rxjs/operators';

import { AuthService } from './services/auth.service';
import { ServiceService } from './service.service';

@Injectable()
export class Interceptor implements HttpInterceptor {
  private refreshTokenInProgress = false;
  private refreshTokenSubject: Subject<any> = new BehaviorSubject<any>(null);
  private validTokenSubject: Subject<any> = new BehaviorSubject<any>(null);
  private validrefreshTokenSubject: Subject<any> = new BehaviorSubject<any>(null);

  constructor(public authService: AuthService, private service: ServiceService) { 

 }
  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    if (request.url.indexOf('refresh') !== -1) {
      return next.handle(request);
    }



    const accessExpired = this.authService.isAccessTokenExpired();
    const refreshExpired = this.authService.isRefreshTokenExpired();


    if (accessExpired && refreshExpired) {
      console.log("accessExpired");
      return next.handle(request);
    }
    if (accessExpired && !refreshExpired) {
      if (!this.refreshTokenInProgress) {
        this.refreshTokenInProgress = true;
        this.refreshTokenSubject.next(null);
        console.log("inside auth");


        return this.authService.requestAccessToken().pipe(
          switchMap((authResponse) => {
            console.log(authResponse);

            this.authService.saveToken(this.authService.TOKEN_NAME, authResponse.result.token);
            this.authService.saveToken(this.authService.REFRESH_TOKEN_NAME, authResponse.result.token);
            this.refreshTokenInProgress = false;
            this.refreshTokenSubject.next( authResponse.result.token);
            console.log(authResponse);
            return next.handle(this.injectToken(request));
          }),
        );
      } else {
        return this.refreshTokenSubject.pipe(
          filter(result => result !== null),
          take(1),
          switchMap((res) => {
            return next.handle(this.injectToken(request))
          })
        );
      }
    }

    if (!accessExpired) {
      console.log("Token not refresh");

      return next.handle(this.injectToken(request));
    }
  }

  injectToken(request: HttpRequest<any>) {
    const token = this.authService.getToken(this.authService.TOKEN_NAME);
    return request.clone({
      setHeaders: {
        Authorization: `Bearer ${token}`
      }
    });
  }
}

身份验证服务

 isAccessTokenExpired(): Observable<any> {
    let Headers = new HttpHeaders({
      Authorization: `Bearer ${localStorage.getItem(this.TOKEN_NAME)}`
    })
    return this.http.get<any>(this.api_user_url + '/IsTokenExpired', { headers: Headers })
    .pipe(map(res=>{ 
      return res.result
    }))


  }
  isRefreshTokenExpired(): Observable<any> {
    let Headers = new HttpHeaders({
      Authorization: `Bearer ${localStorage.getItem(this.TOKEN_NAME)}`
    })
    return this.http.get<any>(this.api_user_url + '/IsTokenExpired', { headers: Headers })
    .pipe(map(res=>{ 
      return res.result
    }))
  }

Answer 1

您必须从拦截器中排除“/IsTokenExpired”路由，同时还像 Shariq 所写的那样订阅 isAccessTokenExpired() 方法。

你可以通过改变来做到这一点：

if (request.url.indexOf('refresh') !== -1) {
  return next.handle(request);
}

进入

if (request.url.indexOf('refresh') !== -1 || request.url.indexOf('IsTokenExpired') !== -1) {
  return next.handle(request);
}

在拦截器内部的拦截函数顶部，否则拦截器将拦截您发出的请求以检查您的令牌是否过期。

Answer 2

this.authService.isAccessTokenExpired().subscribe((res)=>
{
// you will find the accessExpired as res here
// the rest code here
})