java 如何重置 JWT 令牌到期时间?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38306678/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I reset the JWT token expiration time?
提问by sparrow
I have created a JWT token along with expiration time for authentication purpose. Each time when a url hits in the application i am checking for the token. I want to increase the JWT token expiration time. The following is how i done. but the token is expiring by taking the expiration time which is already set while creating the token.
我已经创建了一个 JWT 令牌以及用于身份验证的过期时间。每次当应用程序中的 url 命中时,我都会检查令牌。我想增加 JWT 令牌过期时间。以下是我的做法。但是令牌将通过创建令牌时已设置的到期时间而到期。
//creating JWT token only once when user logged in
String jwtToken = new String(Jwts.builder().setSubject(user.getUserId())
.setExpiration(expTime).setIssuedAt(new Date())
.signWith(SignatureAlgorithm.HS256, "secretkey").compact());
// checking the presence of token every time
Claims claims = Jwts.parser().setSigningKey("secretkey")
.parseClaimsJws(jwtToken).getBody();
claims.setExpiration(time); // trying to reset the expiration time
I don't know what's going wrong. Any help would be much appreciated.
我不知道出了什么问题。任何帮助将非常感激。
回答by
I think the expiration time is part of the token itself and it's not possible to extend the expiration time of a token without a new one.
我认为到期时间是令牌本身的一部分,如果没有新令牌,就不可能延长令牌的到期时间。
Please refer to JWT (JSON Web Token) automatic prolongation of expirationfor more discussion about this.
关于这方面的更多讨论,请参阅JWT (JSON Web Token) 自动延长到期时间。
回答by blur0224
You'll need to recreate the token. All the information in the token is signed, making the token unique depending on the values in the token. Changing the claim that you pull from the token doesn't do anything.
您需要重新创建令牌。令牌中的所有信息都经过签名,根据令牌中的值使令牌具有唯一性。更改您从令牌中提取的声明不会做任何事情。
回答by Pramuditha
It seems expTimedefined in the previous code lines.
它似乎expTime在前面的代码行中定义。
ex:- You can change this value.
例如:- 您可以更改此值。
int expTime = 43200000 //after 12 hours(Should in ms)
I think the best practice is to set this in the property file as follows. Then you can change that time after building the project.
我认为最好的做法是在属性文件中设置如下。然后您可以在构建项目后更改该时间。
app.expTime=43200000
After that call this value from token provide file
之后从令牌提供文件中调用此值
@Value("${app.expTime}")
private int expTime;
