Bogopodoben2016-08-14 12:26:56
Bogopodoben, 2016-08-14 12:26:56

Angularjs jwt refresh token how to implement?

Actually a question. There is authentication through JWT angularjs.
At the moment, everything works ok, after authorization with api, a token of the form is returned:

is written in cookies and works as a header in all requests to api.
The problem is that when the life of the token expires, it is necessary to re-login.
After reading the Internet, I found out that there is such a topic in jwt as a refresh token, which is updated or updates the access token before it expires.
I read a rather useful article on habré https://habrahabr.ru/post/267349/ and the jwt doc https://github.com/auth0/auth0-angular/blob/master... , and could not understand their example by resfresh token. I did not catch up with where to get it originally.
Can I learn more about how to update an access token via refresh?
How to implement a request for refresh after the required period of time, etc.
It would be ideal to explain with a working example.
PS: Partially implemented the scheme, but the token is updated only after the time runs out, and any request to the server issues 401 and logs out the way I did the check for $stateChangeStart, everything is ok when navigating through the pages. I know it's not true, but still.
There is a request like api / refresh to refresh the token, but the question is how to properly implement the idea of ​​​​refreshing the token before it ends?
At the moment, what is:
var token = AuthUser.getToken();
        var dateToken = $filter('date')(jwtHelper.getTokenExpirationDate(token), 'dd.MM.yyyy HH:mm:ss');
        var dayDate = $filter('date')(new Date(), 'dd.MM.yyyy HH:mm:ss');

        if (dayDate > dateToken) {
          return $http({
            url: API.url + '/api/refresh',
            skipAuthorization: true,
            method: 'GET',
          }).then(function(response) {
            var id_token = response.data.token;
            return id_token;

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Artem Kustikov, 2016-08-23

The cookie token is written in the north, so you need to update it there, here is an example: stackoverflow.com/questions/26580213/implementing-...
No additional magic (refresh) is needed on the client

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question