Menu
The user can logout himself when he/she clicks on the logout button but if the token is expired he/she cant logout because in my application, the token is used in both server side and front end. When user clicks on the logout button, the token from both server and browser is cleared if token is valid. There is a chance that when user does not log out and his/her token expires but is not being cleared in the browser. For addressing this situation, how do I check for token expiration every time the user visits in my app so if the token is expired, clear the token from the browser?
I tried in saga which watches in the background every time the user refreshes in the page or switch to another page. I don't think this is an efficient way. I reckon middleware comes into play.
function* loadInitialActions() { var dateNow = new Date(); console.log(jwtDecode(token).exp < dateNow.getTime() - jwtDecode(token).iat); const token = JSON.parse(localStorage.getItem("user")) && JSON.parse(localStorage.getItem("user"))["token"]; if ( token && jwtDecode(token).exp < dateNow.getTime() - jwtDecode(token).iat ) { yield put(LOGOUT_SUCCESS); } } function* initialize() { const watcher = yield fork(loadInitialActions); yield take([INITIALIZE_ERROR, INITIALIZE_SUCCESS]); yield cancel(watcher); } function* rootSaga() { console.log("rootSaga"); yield takeLatest(INITIALIZE, initialize); } So my question is how do I use the token expiration logic and logout user if token is expired from the middleware?
858
You can confirm your expiration date anytime by going to Settings > WorkSpace Settings > Social Accounts. Then simply look under the Token Status to learn the expiration date of your accounts token.
verify method to a function that returns a promise and assign it to jwtVerifyAsync . Then we call jwtVerifyAsync with the token and the token secret to check if the token is valid. If it's expired, then it's considered invalid and an error will be thrown.
In short, you need to use REFRESH_TOKEN when ACCESS_TOKEN expires to get a new ACCESS_TOKEN. JWT has two kind of tokens: ACCESS_TOKEN and REFRESH_TOKEN.
If you attempt to use an expired token, you'll receive a "401 Unauthorized HTTP" response. When this happens, you'll need to refresh the access token.
In my view middleware will be the best option.
You can do something like this
const checkTokenExpirationMiddleware = store => next => action => { const token = JSON.parse(localStorage.getItem("user")) && JSON.parse(localStorage.getItem("user"))["token"]; if (jwtDecode(token).exp < Date.now() / 1000) { next(action); localStorage.clear(); } next(action); }; You have to then wrap it in applyMiddleware
109
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
