我在ASP.NET Core应用中使用JWT身份验证:
edges[vec[index]]如何通知客户端其令牌已过期? 可能是401响应中的某个正文或另一个响应代码?
答案 0 :(得分:1)
它将返回401 Unauthorized作为状态代码,并在WWW-Authenticate标头中包含错误代码/说明:
WWW-Authenticate: Bearer error="invalid_token", error_description="The token is expired"
您也可以手动编写错误消息:
options.Events = new JwtBearerEvents()
{
OnChallenge = context =>
{
// Skip the default logic.
context.HandleResponse();
var payload = new JObject
{
["error"] = context.Error,
["error_description"] = context.ErrorDescription,
["error_uri"] = context.ErrorUri
};
return context.Response.WriteAsync(payload.ToString());
}
};