我正在使用authListener export class AuthService {
private authListener = new Subject<boolean>();
isLoggedIn() { return this.authListener.asObservable(); }
login() {
localStorage.setItem('token', token);
...
this.authListener.next(true);
}
logoff() {
localStorage.removeItem('token');
...
this.authListener.next(false);
}
}来获取用户身份验证状态:
authListener
因此,我可以在组件中调用export class HeaderComponent implements OnInit {
isAuthenticated = false;
auth$: Subscription;
constructor(private authService: AuthService) { }
ngOnInit() {
this.auth$ = this.authService.isLoggedIn().subscribe(
(isAuth: boolean) => {
this.isAuthenticated = isAuth;
});
}
}值:
authListener
但是,它似乎并不可靠,因为用户可以执行诸如刷新页面之类的操作,然后Auth State将会丢失。有可靠的方法吗?
我试图避免使用localStorage,因为用户可以随时更改authListener。
更新:似乎要存储cookie。如何使用Node.js + Express(HttpOnly;安全)将JWT Token和res.status(200).json({success: true, token: token, reftoken: refreshToken, expiresIn: 900, name: user.name});存储在cookie中?
应该是这样的...
//登录原始回复
res.cookie('token', token, { secure: true, httpOnly: true });
res.cookie('tokenref', refreshToken, { secure: true, httpOnly: true });
res.cookie('expiration', expireDate, { secure: true, httpOnly: true });
res.status(200).json({success: true, name: user.name});
//登录cookie响应
library(ggplot2)
p <- ggplot(X24_hours_plus_and_miuns_gene_list,
aes(X24_hours_plus_and_miuns_gene_list$FC.plusvsminus_24,
X24_hours_plus_and_miuns_gene_list$rawP.plusvsminus_24))
p + geom_point()