Here is a valid and very short token example, courtesy of jwt.io, which we recommend using to easily decode tokens for debugging purposes.

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE1Nzc3NTA0MDB9.7hgBhNK_ZpiteB3GtLh07KJ486Vfe3WAdS-XoDksJCQ

It shows 3 fragments (base64 encoded) concatenated with a dot. The only field relevant to this document is `exp` (Expiration Time), part of the Payload (the second fragment). This claim identifies the time after which the JWT must not be accepted. In order to accept a JWT, the current date/time must be before the expiration time listed in the `exp` claim. It's accepted practice for implementers to allow for some small leeway, usually no more than a few minutes, to account for clock skew.

Some API calls might demand the user to be logged in (user-authenticated calls), and others don't (non-user-authenticated calls). JWT can be used in both cases, marking a distinction between Client JWT and User JWT we will refer to later on.

The token refresh problem

By far the most significant problem we had in the past was the renewal of the token. This seems to be something taken for granted by the mobile community, but in reality, we found it to be quite a fragile part of the authentication flow. If not done right, it can easily cause your customers to end up being logged out, with the consequent frustration we all have experienced as app users.

The Just Eat app makes multiple API calls at startup: it fetches the order history to check for in-flight orders, fetches the most up-to-date consumer details, etc. If the token is expired when the user runs the app, a nasty race condition could cause the same refresh token to be used twice, causing the server to respond with a 401 and subsequently logging the user out on the app. This can also happen during normal execution when multiple API calls are performed very close to each other and the token expires prior to those.
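An added example (not code from the original article) of one way to avoid the double refresh described above: read `exp` from the token's payload and serialize renewals behind a lock so that concurrent calls share a single refresh. The 60-second leeway, `TokenStore`, `make_token` and the simulated refresh endpoint are assumptions made for illustration.

```python
import base64, json, threading, time

LEEWAY = 60  # seconds of clock-skew allowance (assumed value)
# The sample token shown on this page (from jwt.io)
PAGE_TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE1Nzc3NTA0MDB9.7hgBhNK_ZpiteB3GtLh07KJ486Vfe3WAdS-XoDksJCQ"

def jwt_exp(token):
    """Read exp from the payload (second fragment). Decodes only; no signature check."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)          # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))["exp"]

def needs_refresh(token, now):
    # Client side: renew slightly early so a skewed server clock never sees it expired.
    return now >= jwt_exp(token) - LEEWAY

def make_token(exp):
    """Constructed, unsigned sample token used only by the simulation below."""
    body = base64.urlsafe_b64encode(json.dumps({"exp": exp}).encode()).rstrip(b"=")
    return "e30." + body.decode() + ".sig"

class TokenStore:
    """Coalesces concurrent renewals so each refresh token is spent exactly once."""
    def __init__(self, token, refresh_fn):
        self._token, self._refresh_fn = token, refresh_fn
        self._lock = threading.Lock()

    def valid_token(self, now):
        with self._lock:                           # callers queue here during a refresh
            if needs_refresh(self._token, now):    # checked under the lock, not before it
                self._token = self._refresh_fn()
            return self._token

def simulate_startup(n_calls, now=1_700_000_000):
    """n_calls API calls start at once with an expired token.
    Returns (number of refresh requests sent, set of tokens the calls used)."""
    refreshes, seen = [], []
    def fake_refresh():                            # stands in for the refresh endpoint
        time.sleep(0.05)                           # latency widens the race window
        refreshes.append(1)
        return make_token(now + 3600)
    store = TokenStore(make_token(now - 10), fake_refresh)
    threads = [threading.Thread(target=lambda: seen.append(store.valid_token(now)))
               for _ in range(n_calls)]
    for t in threads: t.start()
    for t in threads: t.join()
    return len(refreshes), set(seen)

if __name__ == "__main__":
    print(jwt_exp(PAGE_TOKEN), simulate_startup(5))
```

Without the lock, each of the startup calls would find the token expired and send its own refresh request with the same refresh token, which is the failure the article describes.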