如何刷新过期的Google登录名? [英] How to refresh expired google sign-in logins?

问题描述

我正在使用Google登录.用户进入我的站点并使用gapi.auth2.getAuthInstance().signIn()登录，或者他们已经登录，并且在页面加载(或重新加载)时，我们将获取状态.此时，我有一个可以使用一个小时的身份令牌，可以在服务器上进行验证.

I'm using Google Sign-In. A user comes to my site and logs in with gapi.auth2.getAuthInstance().signIn(), or they are already logged in and when the page loads (or reloads) we fetch the status. At this point I have an identity token good for an hour that I can validate on the server.

当用户离开浏览器坐着(例如，整夜)时，此令牌将过期. gapi.auth2.getAuthInstance().isSignedIn.get()返回true，但是令牌未通过验证.

When a user leaves the browser sitting (say, overnight), this token expires. gapi.auth2.getAuthInstance().isSignedIn.get() returns true, but the token does not validate.

我如何登录用户并在他们的会话处于活动状态(即，浏览器尚未关闭)时保持登录状态?还是刷新令牌?比重新加载页面更优雅的方式...

How can I log in a user and keep them logged in while their session is active (ie, browser hasn't been closed)? Or refresh the token? Anything more graceful than reloading the page...

刷新令牌不是正确答案；我不想离线访问(也不想征求许可). Google显然认为该用户仍在登录我的应用程序；用户可以重新加载页面并获取新令牌，而无需再次提供凭据.当然，有某种机制比隐藏的iframe更优雅地获取更新的令牌?

The refresh token is not a correct answer; I don't want offline access (and don't want to ask for the permission). Google obviously thinks the user is still signed into my application; the user can reload the page and get a new token without providing credentials again. Surely there is some mechanism more graceful than a hidden iframe to get an updated token?

推荐答案

如果令牌已过期，则可以调用gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse().它返回一个Promise.

If the token is expired, you can call gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse(). It returns a Promise.

这篇关于如何刷新过期的Google登录名?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！