在Angular应用程序中,HTTP拦截器是常用的一种机制,用于拦截HTTP请求和响应以进行处理。但是,当使用拦截器处理需要验证身份的请求时,可能会遇到一个问题。当请求需要令牌进行身份验证时,令牌可能会过期。此时,我们需要刷新令牌,并重新发送请求。但是HTTP拦截器不会自动重新发送请求,因此我们需要手动处理。
下面是一个解决方法的示例代码:
@Injectable()
export class AuthInterceptor implements HttpInterceptor {
private refreshTokenInProgress = false;
private refreshTokenSubject: BehaviorSubject = new BehaviorSubject(null);
constructor(private authService: AuthService) {}
intercept(request: HttpRequest, next: HttpHandler): Observable> {
const accessToken = this.authService.getAccessToken();
if (accessToken) {
request = this.addAuthorizationHeader(request, accessToken);
}
return next.handle(request).pipe(
catchError((error) => {
if (error instanceof HttpErrorResponse && error.status === 401) {
return this.handle401Error(request, next);
} else {
return throwError(error);
}
})
);
}
private addAuthorizationHeader(request: HttpRequest, accessToken: string) {
return request.clone({
setHeaders: {
Authorization: `Bearer ${accessToken}`
}
});
}
private handle401Error(request: HttpRequest, next: HttpHandler) {
if (!this.refreshTokenInProgress) {
this.refreshTokenInProgress = true;
this.refreshTokenSubject.next(null);
return this.authService.refreshToken().pipe(
switchMap((tokenResponse) => {
this.refreshTokenInProgress = false;
this.refreshTokenSubject.next(tokenResponse.accessToken);
return next.handle(this.addAuthorizationHeader(request, tokenResponse.accessToken));
}),
catchError((error) => {
this.refreshTokenInProgress = false;
return throwError(error);
})
);
} else {
return this.refreshTokenSubject.pipe(
filter((token) => token !== null),
take(1),
switchMap((token) =>
next.handle(this.addAuthorizationHeader(request, token))
)
);
}
}
}
在这个示例中,AuthInterceptor
是我们自定义的HTTP拦截器。我们注入了一个AuthService
,用于获取和刷新令牌。
在intercept
方法中,我们首先从AuthService
中获取当前的访问令牌