Angular AuthListener-如何在页面刷新后保持用户登录

时间:2018-10-05 05:49:32

标签: javascript node.js angular express authentication

我正在使用authListener export class AuthService { private authListener = new Subject<boolean>(); isLoggedIn() { return this.authListener.asObservable(); } login() { localStorage.setItem('token', token); ... this.authListener.next(true); } logoff() { localStorage.removeItem('token'); ... this.authListener.next(false); } }来获取用户身份验证状态:

authListener

因此,我可以在组件中调用export class HeaderComponent implements OnInit { isAuthenticated = false; auth$: Subscription; constructor(private authService: AuthService) { } ngOnInit() { this.auth$ = this.authService.isLoggedIn().subscribe( (isAuth: boolean) => { this.isAuthenticated = isAuth; }); } }值:

authListener

但是,它似乎并不可靠,因为用户可以执行诸如刷新页面之类的操作,然后Auth State将会丢失。有可靠的方法吗? 我试图避免使用localStorage,因为用户可以随时更改authListener。

更新:似乎要存储cookie。如何使用Node.js + Express(HttpOnly;安全)将JWT Tokenres.status(200).json({success: true, token: token, reftoken: refreshToken, expiresIn: 900, name: user.name});存储在cookie中? 应该是这样的...

//登录原始回复

res.cookie('token', token, { secure: true, httpOnly: true }); res.cookie('tokenref', refreshToken, { secure: true, httpOnly: true }); res.cookie('expiration', expireDate, { secure: true, httpOnly: true }); res.status(200).json({success: true, name: user.name});

//登录cookie响应

library(ggplot2) p <- ggplot(X24_hours_plus_and_miuns_gene_list, aes(X24_hours_plus_and_miuns_gene_list$FC.plusvsminus_24, X24_hours_plus_and_miuns_gene_list$rawP.plusvsminus_24)) p + geom_point()

0 个答案:

没有答案
相关问题