3

I use slim-jwt-auth on the server side. I don't find a good way to handle token expiration in angular.

My current strategy:

I use a canActivate guard to check the token before accessing a route. Check mean: - check if token is valid (server) - check expiration date with angular2-jwt helpers (client)

If token has a expiration time < 1 day I refresh the token.

Is it possible to start this steps on every http request and not only when accessing routes? For example when the user hanging around on the route a long time?

One method could be a time interval to check. But maybe there are better solutions?

robert
  • 797
  • 3
  • 9
  • 23
  • You can use a BaseService where you provide a method for http errors, if you get a 401 you can refresh the token a retry the previous request. – dlcardozo Feb 06 '17 at 12:45
  • is it possible to implment this service as middleware for all http requests? – robert Feb 06 '17 at 13:40
  • 2
    Well the easiest way is to extend from a BaseService that will handle all the http requests, you just provide methods for get, post, put, delete and the handler for errors. If you want something more like a middleware you should create something that accepts handlers and stack them and then process all of them before or after running the http request. – dlcardozo Feb 06 '17 at 14:01
  • this could give you some solution. https://stackoverflow.com/questions/40428184/angular2-how-to-best-handle-expired-authentication-token – kasunb Dec 11 '17 at 04:28
  • for me an easy solution can be a "auto sign out" when the token has expired: https://blog.khophi.co/auto-sign-client-expire-jwt-angular/ – michabbb Feb 12 '18 at 14:58

0 Answers0