Answer the question
In order to leave comments, you need to log in
What is the best way to solve the problem with replacing tokens in case of asynchronous requests?
Hello,
actually, the question is: There is a standard REST API client-server pair that provides access to data using a token. Tokens work on the principle of access-refresh. In the case of synchronous sending of requests to the server, there are no problems:
- C: sent the first request
- C: returned the first first request with a replacement request access
- C: sent a replacement request
- C: sent a new pair of tokens
- C: accepted the tokens and resent the first one request
- K: received a response and sent a second request
But in the case of asynchronous sending of requests from the client side, a situation may arise when, after generating a new pair of tokens on the server, but before they are received by the client, a second request is sent, which is rejected by the server due to a mismatch of the access token.
What is the best way to solve the problem with the replacement of tokens in this case?
The most acceptable option, in my opinion, is something like resending the request after 400-500ms (with a new access token), but this will negatively affect the speed of opening pages in the application.
Is the access-refresh approach appropriate in this case, or is there something better? I would be grateful for advice/links to read.
Answer the question
In order to leave comments, you need to log in
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question