我们有一个Angular网站正在访问的ServiceStack服务。随机地,我们无法确定其原因或发生时间,使承载令牌无效。我们可以看到错误消息不接受承载令牌。 “令牌已失效”。我知道可以肯定的是,我们还没有重启服务栈服务,并且仍然在请求中传递了原始的承载令牌。我们没有实现使承载令牌无效的任何逻辑。我知道这有点含糊。如果有人可以指出如何在ServiceStack中解决这个问题。这就是我所需要的。
使用servicestack 5.4.1
namespace cbw.mvc.web.service
{
public class AppHost : AppHostBase
{
public AppHost() : base("ServiceStack + .NET Core", typeof(StartupService).Assembly) { }
public override void Configure(Funq.Container container)
{
Plugins.Add(new SwaggerFeature());
Plugins.Add(new RazorFormat());
//Works but recommend handling 404 at end of .NET Core pipeline
//this.CustomErrorHttpHandlers[HttpStatusCode.NotFound] = new RazorHandler("/notfound");
this.CustomErrorHttpHandlers[HttpStatusCode.Unauthorized] = new RazorHandler("/login");
//To include null values in the json globally
JsConfig.IncludeNullValues = true;
//This is mandate. We need "IncludeNullValuesInDictionaries = true" to include null values
JsConfig.IncludeNullValuesInDictionaries = true;
var corsWhitelist = AppSettings.GetList("cors.whitelist.urls");
//To automatically wired up for you on all HTTP Verbs (GET, POST, etc)
//And built-in endpoints, i.e. DeviceConfigValues, XML, JSV, HTML, CSV, SOAP
Plugins.Add(new CorsFeature(
allowOriginWhitelist: corsWhitelist,
allowCredentials: true,
allowedHeaders: "Content-Type, Allow, Authorization,UserId,CompanyId"));
//To add registration feature
Plugins.Add(new RegistrationFeature());
//To add validation feature
Plugins.Add(new ValidationFeature());
container.RegisterValidators(
typeof(InsertCompanyValidator).Assembly,
typeof(UpdateCompanyValidator).Assembly,
typeof(DeleteCompanyValidator).Assembly,
typeof(InsertDeviceTypeValidator).Assembly,
typeof(UpdateDeviceTypeValidator).Assembly,
typeof(DeleteDeviceTypeValidator).Assembly,
typeof(InsertLocationValidator).Assembly,
typeof(UpdateLocationValidator).Assembly,
typeof(DeleteLocationValidator).Assembly,
//typeof(InsertRolePermissionValidator).Assembly,
//typeof(UpdateRolePermissionValidator).Assembly,
//Page Validator
typeof(AddSecPageValidator).Assembly,
typeof(UpdateSecPageValidator).Assembly,
typeof(DeleteSecPageValidator).Assembly,
//Page Permission Validator
typeof(AddPagePermissionValidator).Assembly,
typeof(UpdatePagePermissionValidator).Assembly,
//SecGroup Validator
typeof(AddSecGroupValidator).Assembly,
typeof(UpdateSecGroupValidator).Assembly,
typeof(DeleteSecGroupValidator).Assembly,
//GroupRole Validator
typeof(AddGroupRoleValidator).Assembly,
typeof(UpdateGroupRoleValidator).Assembly,
typeof(DeleteGroupRoleValidator).Assembly,
//UserGroup Validator
typeof(AddUserGroupValidator).Assembly,
typeof(UpdateUserGroupValidator).Assembly,
typeof(DeleteUserGroupValidator).Assembly,
//GroupCompany Validator
typeof(AddGroupCompanyValidator).Assembly,
typeof(UpdateGroupCompanyValidator).Assembly,
typeof(DeleteGroupCompanyValidator).Assembly,
//Document Validator
typeof(AddDocumentValidator).Assembly,
typeof(UpdateDocumentValidator).Assembly,
typeof(DeleteDocumentValidator).Assembly,
//DocumentType Validator
typeof(AddDocumentTypeValidator).Assembly,
typeof(UpdateDocumentValidator).Assembly,
typeof(DeleteDocumentValidator).Assembly,
// IoSetup Validator
typeof(DeviceIOSetupLocalDigitalInputAddValidator).Assembly,
typeof(DeviceIOSetupRemoteDigitalInputAddValidator).Assembly,
typeof(DeviceIOSetupExpansionDigitalInputAddValidator).Assembly,
typeof(DeviceIOSetupLocalRelayAddValidator).Assembly,
typeof(DeviceIOSetupRemoteRelayAddValidator).Assembly,
typeof(DeviceIOSetupExpansionRelayAddValidator).Assembly,
typeof(DeviceIOSetupRemoteAnalogOutputAddValidator).Assembly,
typeof(DeviceIOSetupLocalAnalogInputAddValidator).Assembly,
typeof(DeviceIOSetupRemoteAnalogInputAddValidator).Assembly,
typeof(DeviceIOSetupExpansionAnalogInputAddValidator).Assembly,
typeof(DeviceIOSetupLocalDigitalIOAddValidator).Assembly,
typeof(DeviceIOSetupRemoteDigitalIOAddValidator).Assembly,
typeof(DeviceIOSetupLocalOneWireAddValidator).Assembly,
typeof(DeviceIOSetupRemoteOneWireAddValidator).Assembly,
typeof(DeviceIOSetupRemoteThermocoupleAddValidator).Assembly,
typeof(DeviceIOSetupExpansionThermocoupleAddValidator).Assembly,
typeof(DeviceIOSetupLocalRegisterAddValidator).Assembly,
typeof(DeviceIOSetupRemoteRegisterAddValidator).Assembly,
typeof(DeviceIOSetupLocalVinAddValidator).Assembly,
typeof(DeviceIOSetupRemoteVinAddValidator).Assembly,
typeof(DeviceIOSetupLocalTimerAddValidator).Assembly,
typeof(DeviceIOSetupRemoteBatteryAddValidator).Assembly,
typeof(DeviceIOSetupLocalFrequencyInputAddValidator).Assembly,
typeof(DeviceIOSetupRemoteFrequencyInputAddValidator).Assembly
);
Plugins.Add(new AuthFeature(() => new CustomUserSession(),
new IAuthProvider[]
{
//new BasicAuthProvider(), //Sign-in with HTTP Basic Auth
new JwtAuthProvider(AppSettings) {
//HashAlgorithm = "HM256",
//PrivateKey = privateKey.ExportParameters(true),
AuthKeyBase64 = AppSettings.GetString("jwt.auth.key"),
RequireSecureConnection = false,
InvalidateTokensIssuedBefore = DateTime.Now,
ExpireTokensIn = TimeSpan.FromHours(24)
//Turn on for Prod: EncryptPayload = true
}, //JWT TOKENS
new CredentialsAuthProvider(AppSettings)
})
{
HtmlRedirect = "/",
//IncludeRegistrationService = true,
});
//Permit modern browsers (e.g. Firefox) to allow sending of any HTTP Method
//SetConfig(new HostConfig
//{
// GlobalResponseHeaders = {
// { "Access-Control-Allow-Origin", "*" },
// { "Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS" },
// { "Access-Control-Allow-Headers", "Content-Type" },
// },
//});
//AutoQuery
Plugins.Add(new AutoQueryFeature { MaxLimit = 100000 });
//Cache
container.Register<ICacheClient>(new MemoryCacheClient());
container.Register<IAuthRepository>(c =>
new MyOrmLiteAuthRepository(c.Resolve<IDbConnectionFactory>())
{
UseDistinctRoleTables = AppSettings.Get("UseDistinctRoleTables", true),
});
OrmLiteConfig.BeforeExecFilter = dbCmd => Debug.WriteLine(dbCmd.GetDebugString());
bool ShouldWipeAndReloadDb = false;
var environmentVariable = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT");
if (environmentVariable == "LocalMemory" || environmentVariable == "LocalSQLServer")
{
ShouldWipeAndReloadDb = true;
//Init auth tables
container.Resolve<IAuthRepository>().InitSchema();
}
var authRepo = (MyOrmLiteAuthRepository)container.Resolve<IAuthRepository>();
//Wipe and reload if using in memory SQL
if (ShouldWipeAndReloadDb)
{
DatabaseInitService dis = new DatabaseInitService();
dis.ResetDatabase();
SessionService.ResetUsers(authRepo);
dis.InitializeTablesAndData();
}
}
}
}
public class CustomUserSession : AuthUserSession
{
[DataMember]
public string CustomName { get; set; }
[DataMember]
public string CustomInfo { get; set; }
}
答案 0 :(得分:1)
错误消息“令牌已失效” only occurs when the issue date of the JWT令牌在InvalidateTokensIssuedBefore之前发出,您已将其配置为:
InvalidateTokensIssuedBefore = DateTime.Now,
重新启动App Domain时不太可能使令牌失效,这就像从来没有持久的Auth Key(即仅使用临时AesUtils.CreateKey())一样,因为在App Domain重新启动/循环之间创建的任何JWT都是自动失效。