我在c#上有这段代码。NET服务器端,将令牌返回到Angular2客户。是否有任何文档描述如何在java脚本角度方面解释它(使用哪些类及其成员来正确解析它(
private string generateJwtToken(Account account)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[] { new Claim(/* "id" */ClaimTypes.NameIdentifier, account.Id.ToString()) }),
Expires = DateTime.UtcNow.AddMinutes(15),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
客户端解析:
var exp = this.accountValue.jwtToken.split('.')[1];
const jwtToken = JSON.parse(atob(this.accountValue.jwtToken.split('.')[1]));
// set a timeout to refresh the token a minute before it expires
const expiresUtc = new Date(jwtToken.exp);
const expires = new Date(jwtToken.exp * 1000);
const mins = expires.getTime() - Date.now();
const timeout = expires.getTime() - Date.now() - (60 * 1000);
this.refreshTokenTimeout = setTimeout(() => this.refreshToken().subscribe(), timeout);
令牌并不意味着要在客户端上解析,它只是存储并与任何后续请求一起发送。如果您需要客户端上的用户名、角色等数据,只需将它们与身份验证响应中的令牌一起发送即可。