如何刷新过期的Google登录名? [英] How to refresh expired google sign-in logins?
问题描述
我正在使用Google登录.用户进入我的站点并使用gapi.auth2.getAuthInstance().signIn()
登录,或者他们已经登录,并且在页面加载(或重新加载)时,我们将获取状态.此时,我有一个可以使用一个小时的身份令牌,可以在服务器上进行验证.
I'm using Google Sign-In. A user comes to my site and logs in with gapi.auth2.getAuthInstance().signIn()
, or they are already logged in and when the page loads (or reloads) we fetch the status. At this point I have an identity token good for an hour that I can validate on the server.
当用户离开浏览器坐着(例如,整夜)时,此令牌将过期. gapi.auth2.getAuthInstance().isSignedIn.get()
返回true,但是令牌未通过验证.
When a user leaves the browser sitting (say, overnight), this token expires. gapi.auth2.getAuthInstance().isSignedIn.get()
returns true, but the token does not validate.
我如何登录用户并在他们的会话处于活动状态(即,浏览器尚未关闭)时保持登录状态?还是刷新令牌?比重新加载页面更优雅的方式...
How can I log in a user and keep them logged in while their session is active (ie, browser hasn't been closed)? Or refresh the token? Anything more graceful than reloading the page...
刷新令牌不是正确答案;我不想离线访问(也不想征求许可). Google显然认为该用户仍在登录我的应用程序;用户可以重新加载页面并获取新令牌,而无需再次提供凭据.当然,有某种机制比隐藏的iframe更优雅地获取更新的令牌?
The refresh token is not a correct answer; I don't want offline access (and don't want to ask for the permission). Google obviously thinks the user is still signed into my application; the user can reload the page and get a new token without providing credentials again. Surely there is some mechanism more graceful than a hidden iframe to get an updated token?
推荐答案
如果令牌已过期,则可以调用gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse()
.它返回一个Promise.
If the token is expired, you can call gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse()
. It returns a Promise.
这篇关于如何刷新过期的Google登录名?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!