angular-token icon indicating copy to clipboard operation
angular-token copied to clipboard

Published 20 hours ago verified publisher icon neroniaky

userSignedIn() returns true even with expired/invalid token

Open acegilz opened this issue 7 years ago • 11 comments

I'm submitting a...

  • [x] Other... Please describe:

Current behavior

I use the UserSignedin() to detect if the user is signed in:

if (this.authTokenService.userSignedIn() == true) {
     //authenticated calls
}

However sometimes after several minutes of login/calls I start receiving 401 errors from the backend, and I conclude that somehow angular-token is assuming it's logged in but don't accepted on the backed.

I am pretty sure this is a bug, but I would like to know what am I doing wrong, and also what's the correct approach to verify it the token is valid and if the user is logged in? I used the validateToken() before but also run in similar issues that's why I switched to this approach

acegilz avatar Aug 25 '18 18:08 acegilz

You can try setting the option signOutFailedValidate to true. This way, when a validateToken fails, the frontend will also assume it's not signed in

arjenbrandenburgh avatar Aug 26 '18 09:08 arjenbrandenburgh

@arjenbrandenburgh thanks, that behavior should be perfect and IMO come by default, will try

acegilz avatar Aug 26 '18 11:08 acegilz

Closing this issue. If this issue still persists, feel free to re-open.

arjenbrandenburgh avatar Aug 29 '18 09:08 arjenbrandenburgh

@arjenbrandenburgh This solution is not working, it returns 401 and still don't officially logout (clear localstorage things etc) The reason why it logs out it's also uncertain, I think it may be related with this issue: https://github.com/neroniaky/angular-token/issues/457

acegilz avatar Aug 31 '18 02:08 acegilz

screenshot 2018-08-31 04 14 22 screenshot 2018-08-31 04 13 57

acegilz avatar Aug 31 '18 03:08 acegilz

it's not signing out because of

https://github.com/neroniaky/angular-token/blob/master/projects/angular-token/src/lib/angular-token.service.ts#L251

it is calling signOut function, but signOut will return observer and it will not run because nothing is subscribed to it

Grafexy avatar Aug 31 '18 08:08 Grafexy

Yes, it makes sense now...

I'll try to find another way to fix this issue and also why it logs out in the first place

acegilz avatar Aug 31 '18 23:08 acegilz

@Grafexy Good catch 👍

neroniaky avatar Aug 31 '18 23:08 neroniaky

my solution

  getToken(): string {
    return localStorage.getItem("accessToken");
  }
  getTokenExpirationDate(token: string): Date {
    if (!token) token = this.getToken();
    if (localStorage.getItem("expiry") === undefined) return null;
    const date = new Date(0);
    date.setUTCSeconds(+localStorage.getItem("expiry"));
    return date;
  }
  isTokenExpired(token?: string): boolean {
    const date = this.getTokenExpirationDate(token);
    console.log("date", date, date.valueOf(), new Date().valueOf());
    if (date === undefined) return false;
    return !(date.valueOf() > new Date().valueOf());
  }

zinderud avatar Sep 01 '18 14:09 zinderud

@zinderud where / when / what frequency do you call that isTokenExpired() ?

acegilz avatar Sep 01 '18 20:09 acegilz

my usage

import { Injectable } from '@angular/core';
import { CanActivate, Router } from '@angular/router';
import { Angular2TokenService } from './angular2-token.service';
import { AuthService } from './auth.service';

@Injectable()
export class AuthGuard implements CanActivate {

  constructor (
    private authService: AuthService,
    public aService: Angular2TokenService,
    private router: Router
  ) {}

  public canActivate() {

    if (!this.authService.isTokenExpired() && this.aService.userSignedIn()) {
      return true;
    } else {
      this.router.navigate(['/']);
      return false;
    }
  }
}

zinderud avatar Sep 01 '18 20:09 zinderud