浏览器刷新 - 失落servicestack认证会话数据 [英] browser refresh - lost servicestack authentication session data

问题描述

我有一个angular.js单页的应用程序，对验证一个RESTful API（Servicestack）。这一切工作正常。当返回从验证API响应的用户名存储在一个角服务和isAuthenticated标志设置为真。

I have an angular.js single page app that authenticates against a RESTful API (Servicestack). This all works fine. When the response from the authentication api is returned the username is stored on an Angular service and an isAuthenticated flag is set to true.

针对[授权]任何请求，然后归咎于Web服务返回的数据。

Any requests against an [Authenticate] attributed web service then returns data.

我的问题是，当我刷新浏览器我的JavaScript对象角刷新和认证的用户遗忘的事实。然而，当我打电话[授权]由于其工作正常服务，因为会话仍然生活...

My issue is that when I refresh the browser my javascript angular objects are flushed and the fact the user authenticated is forgotten. Yet when I call the [Authenticate] attributed service they work correctly because the session is still live...

对于相当noob问题道歉，但如何在浏览器中通过会话Web服务时的JavaScript对象已被破坏并重新创建？我如何获取相同的会议刷新，并设置我的角度服务与用户名等。

Apologies for the rather noob question but how does the browser pass the session to the web service when the javascript objects have been destroyed and recreated? How do I grab the same session on refresh and set my Angular service up with the username etc.?

推荐答案

ServiceStack身份验证使用Cookie来存储默认会话令牌。这意味着你的角的应用程序将收到的cookie，当你在第一个迹象。这将通过此后续请求，他们一定会成功，而会话仍然在服务器上有效。

ServiceStack Authentication uses cookies to store the session token by default. Which means your Angular application will receive the cookie when you first sign in. It will pass this for subsequent requests, and they will succeed while the session is still valid on the server.

问题将是角会失去对象的状态，当您刷新页面，就是告诉它你有一个活动会话。所以，你必须恢复这方面的知识，以角。有解决这个两种方式：

The problem will be that Angular will lose the object state, when you refresh the page, that is telling it you have an active session. So you must restore this knowledge to Angular. There are two ways to tackle this:

1. 检查的 SS-ID 的cookie，当你的应用程序启动和假设你有一个有效的会话。换言之，所以恢复到状态签字，直到你得到来自服务器的401错误。这是最快的方法，并且不需要额外的开销，如果有人刷新页面，检查会话。

1. Check for the ss-id cookie when you application starts and assume you have a valid session. In other words, so restore to a signed in state, until you get a 401 error from the server. This is the quickest approach, and doesn't require additional overhead to check the session if somebody refreshes the page.

检查的 SS-ID cookie，并进行测试验证的请求，检查会话仍然有效。

Check for the ss-id cookie and make a test authenticated request to check the session is still valid.

如果您需要恢复的其他信息，如登录的用户名等电流，那么你就需要存储在cookie /本地存储到它的刷新恢复，或与方法2去，并从中检索回来服务器

If you need to restore other information such as the current logged in user's name etc, then you would need to store that in a cookie/local storage to restore it on refresh, or go with method 2, and retrieve it back from the server.

您可以使用 $饼干提供商管理会话cookie。

You can use $cookies provider to manage the session cookie.

这篇关于浏览器刷新 - 失落servicestack认证会话数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！