JWT令牌expiresIn如何在羽毛中工作? [英] How JWT token expiresIn works in feathers?

问题描述

当我解码JWT令牌时，我会在有效载荷中看到

When I decode my JWT token I see in payload

{
  "exp": 1494105589
}

它的价值是什么意思? Docs表示，默认的JWT expiresIn值为"1d"，但这似乎不是令牌创建后的1天，甚至不是以ms(1000 * 60 * 60 * 24)表示的1天.最糟糕的是:当我在配置中设置"expiresIn":"90d"时，该值变化不大.有人可以对此做些解释吗?

What does it value means? Docs says that default JWT expiresIn value is "1d" but it's not seems like 1 day after token created and even not 1 day in ms (1000*60*60*24). And the worst: this value not changed much when I set "expiresIn": "90d" in my config. Could somebody give some explanation of this?

推荐答案

这是一个unix时间戳，计算从1970年1月1日00:00 UTC以来的秒数. 有几个网站可以帮助您转换价值，例如.这个: http://www.unixtimestamp.com/index.php 在您的时间戳上显示为05/06/2017 @ 9:19 pm(UTC)，因此您的令牌有效期为5个月.

it's a unix timestamp, counting the seconds since 1st of January 1970 00:00 UTC. There are several websites that help you to convert the value, eg. this one : http://www.unixtimestamp.com/index.php For your timestamp it says 05/06/2017 @ 9:19pm (UTC), so your token is valid for 5 month.

https://tools.ietf.org/html/rfc7519#section -4.1.4 解释了数字日期用于exp声明(以及nbf(不早于)和iat(发布于)声明)

https://tools.ietf.org/html/rfc7519#section-4.1.4 explains that a numeric date is used for the exp claim (and also for the nbf (not before) and iat (issued at) claims)

https://tools.ietf.org/html/rfc7519#section-2 定义数字日期:

一个JSON数值，表示从1970-01-01T00:00:00Z UTC到指定的UTC日期/时间的秒数，而忽略了leap秒.

A JSON numeric value representing the number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time, ignoring leap seconds.

除了你说的

最糟糕的是:当我设置"expiresIn"时，该值变化不大: 在我的配置中为"90d".

And the worst: this value not changed much when I set "expiresIn": "90d" in my config.

当您获得令牌时，它是否具有这样的结构:

when you got the token, did it come in a structure like this :

{"access_token": "eyJhbGciOiJ...", "token_type": "bearer", "expires_in": 86399 }

如果是，expires_in是否显示正确的值?

and if yes, did expires_in show the correct value ?

这篇关于JWT令牌expiresIn如何在羽毛中工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！