Problem description
Using a freshly generated FeathersJS application (local auth), I am making the following REST API calls, with the following behaviour:
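- GET /users - it fails with not authorized
- POST /authentication with username and password - it succeeds
- GET /users - it succeeds and returns the list of users
- DELETE /authentication - returns the auth object, with no error message (and generates a logout event on the server side)
- GET /users - it succeeds and returns the list of users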
The expected result from my side is that on step 5 I would get a not-authorized error, as the JWT token would be expired after logout on the server side.
What am I doing wrong? How can I log out a user properly using just the REST API, so the token would be invalidated? Or is authentication meant to be used only in conjunction with the FeathersJS client libraries?
P.S. I am trying out FeathersJS as a potential solution for the backend REST API for my Flutter app. Hence I am interested only in the server-side implementation of FeathersJS.
Recommended answer
FeathersJS is stateless. So, in your client, just set your access token to null.
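Why the token in step 5 is still accepted, and what a server-side check would have to add, shown as an added example that is not part of the original question or answer and is not FeathersJS code: a plain Node.js HS256 verifier next to a variant that keeps a `jti` denylist. The secret, claims, clock values and all function names are constructed for illustration.

```javascript
const crypto = require("node:crypto");
const SECRET = "constructed-demo-secret"; // constructed value; plain Node.js, not FeathersJS code
const b64url = (v) => Buffer.from(v).toString("base64url");
const mac = (data) => crypto.createHmac("sha256", SECRET).update(data).digest();

// Issue an HS256 JWT with a unique id (jti) and an expiry (exp, in seconds).
function sign(claims, now, ttl = 3600) {
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify({ ...claims, jti: crypto.randomUUID(), iat: now, exp: now + ttl }));
  return `${header}.${body}.${mac(`${header}.${body}`).toString("base64url")}`;
}

// Stateless check: signature and expiry only. Nothing here knows about logout.
function verifyStateless(token, now) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  const [header, body, sig] = parts;
  const got = Buffer.from(sig, "base64url");
  const want = mac(`${header}.${body}`);
  if (got.length !== want.length || !crypto.timingSafeEqual(got, want)) return null;
  try {
    if (JSON.parse(Buffer.from(header, "base64url")).alg !== "HS256") return null;
    const claims = JSON.parse(Buffer.from(body, "base64url"));
    return typeof claims.exp === "number" && claims.exp > now ? claims : null;
  } catch { return null; }
}

// Stateful variant: logout records the jti until the token's own expiry.
const revoked = new Map(); // jti -> exp
function logout(token, now) {
  const claims = verifyStateless(token, now);
  if (claims) revoked.set(claims.jti, claims.exp);
  return claims !== null;
}
function verifyWithDenylist(token, now) {
  for (const [jti, exp] of revoked) if (exp <= now) revoked.delete(jti); // prune expired entries
  const claims = verifyStateless(token, now);
  return claims && !revoked.has(claims.jti) ? claims : null;
}
function demo() {
  const now = 1700000000; // constructed clock value
  const token = sign({ sub: "user-1" }, now);
  logout(token, now + 10);
  return {
    statelessAfterLogout: verifyStateless(token, now + 20) !== null,
    denylistAfterLogout: verifyWithDenylist(token, now + 20) !== null,
    afterExpiry: verifyStateless(token, now + 3601) !== null,
  };
}
```

The denylist only has to hold entries until each token's `exp`, so a short token lifetime keeps it small.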