appleboy / gin-jwt

JWT Middleware for Gin framework
MIT License

MaxRefresh parameter question. #315

Open ghost opened 1 year ago

ghost commented 1 year ago

Hi, I have a question. I'm not very good at English, so I'm sorry if my grammar is incorrect. If any part of it doesn't make sense, please let me know!

When I tried to refresh a timed-out token, the server replied with a "401 Unauthorized" status. I thought this library couldn't update a timed-out token, but I found this comment in "auth_jwt.go" at line 45: https://github.com/appleboy/gin-jwt/blob/dccd654983dba25d8adf5e8c7a876c05e67a7450/auth_jwt.go#L45

I set "Timeout: time.Second" and "MaxRefresh: time.Hour" and retried refreshing the timed-out token about 10 seconds later. I expected the server to reply "200 OK" and return a refreshed token, but the server replied "401 Unauthorized" as before.

I do not know why it behaves this way. Can someone please tell me what the reason is?

duzhipeng commented 1 year ago

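You're Chinese, right? My guess is that you put /refresh_token inside (authMiddleware.MiddlewareFunc()). In other words, you are trying to refresh the token, but you put the token-refresh route into the route group that requires authentication. As a result, when you request refresh_token, the system first has to validate the original token, but hasn't that original token already expired?!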
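An added example, not part of the thread and not gin-jwt's own code: a standard-library model of the route placement described in the reply above, using the Timeout and MaxRefresh values from the question. The handler names, the unsigned `Bearer <orig_iat>` header standing in for a JWT, and the fixed clock are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"time"
)

// Timeout and MaxRefresh as set in the question; now is a constructed clock.
const timeout, maxRefresh = time.Second, time.Hour
var now = time.Unix(1700000010, 0)

// guard rejects with 401 once the token is older than window, otherwise runs next.
func guard(window time.Duration, next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		var origIat int64 // constructed header: unsigned stand-in for a JWT
		fmt.Sscanf(r.Header.Get("Authorization"), "Bearer %d", &origIat)
		if now.After(time.Unix(origIat, 0).Add(window)) {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		next(w, r)
	}
}

// requireAuth models the auth middleware: the token is rejected after Timeout.
func requireAuth(next http.HandlerFunc) http.HandlerFunc { return guard(timeout, next) }

// refresh models the refresh handler: the token is accepted until MaxRefresh.
var refresh = guard(maxRefresh, func(w http.ResponseWriter, _ *http.Request) {
	fmt.Fprint(w, "new token")
})

// status sends a token issued at issuedUnix to h and returns the HTTP status.
func status(h http.HandlerFunc, issuedUnix int64) int {
	req := httptest.NewRequest("GET", "/refresh_token", nil)
	req.Header.Set("Authorization", fmt.Sprintf("Bearer %d", issuedUnix))
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code
}

func main() {
	fmt.Println("refresh behind auth middleware:", status(requireAuth(refresh), 1700000000))
	fmt.Println("refresh registered on its own: ", status(refresh, 1700000000))
}
```

With a token issued 10 seconds earlier, the wrapped route answers 401 because the Timeout check runs first, while the same handler registered outside the authenticated group answers 200 until MaxRefresh has passed.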