angular - oidc-client isLoggedIn() -
what concise , accurate way determine isloggedin() odic-client?
much angualr2 example first method was:
// return true if user (token) exists. public isloggedin(): promise<boolean> { return this.usermanager.getuser().then(user => !!user); } then handle expired tokens:
// return true if user (token) exists , not expired. public isloggedin(): promise<boolean> { return this.usermanager.getuser().then(user => { if (!user) { return false; } return !user.expired; }); } a requirement of app not show user logged in if op has revoked session so, following logic here, next method was:
// return true if user (token) , session (cookie) exists , sub matches , not expired. public async isloggedin(): promise<boolean> { const session = await this.usermanager.querysessionstatus().catch(() => null); const user = await this.usermanager.getuser(); if (!user || !session) { return false; } if (session.sub !== user.profile.sub) { return false; } return !user.expired; } now i'm noticing if start app expired token silent renew gets new token session cookie after isloggedin() logic so, have false negative. there userloaded event dosn't fire if token still valid.
Comments
Post a Comment