SAP|SAP Spartacus 会使用 Session timeout 吗()
问题:Where to configure session timeout in Spartacus
答案
我假设您使用 Hybris OAuth 服务器的默认身份验证流程(密码流程)。 在这种情况下,会话长度是通过后台的 OAuth 客户端设置来控制的。
但是,要知道会话何时到期,您可以检查令牌有效负载 (AuthStorageService.getToken)。属性之一是到期时间,可用于了解会话何时实际结束。
Marcin is correct. Spartacus is 100% API driven, interacting with Commerce backend by sending request to configured endpoints. These endpoints require an access token to be sent with the request, and this access token needs to be retrieved by following the Client Credentials Flow that is defined by the OAuth specification.
As long as you log in successfully, you can find access token issued by Commerce backend in Chrome dev tools, application tab -> Local storage as highlighted below:
文章图片
the field expires_at stores the value of exact date and time when token will be expired.
you can use the code below in console to convert it to human readable string:
new Date(1627660784476).toGMTString();
文章图片
You can control the token time-to-live value via configuration in backoffice by property: oauth2.accessTokenValiditySeconds
文章图片
See document for detail:
https://help.sap.com/viewer/d...
文章图片
if you need to code in Spartacus to know when the token will be expired, inject AuthStorageService in your app.module.ts, and then access expires_at property of result returned by getToken method.
export class AppModule {
constructor(private authService: AuthStorageService){
const token: Observable = this.authService.getToken();
token.subscribe((token) => console.log('expire at:' , token.expires_at));
}
}
文章图片
【SAP|SAP Spartacus 会使用 Session timeout 吗()】更多Jerry的原创文章,尽在:"汪子熙":
文章图片
推荐阅读
- 一个人的碎碎念
- 为什么你的路演总会超时()
- 时间老了
- 危险也是机会
- 你若想回到冬的身边,春也会放你走
- 微习惯复盘
- 我执意要等,是因为我相信你一定会来
- 难道你仅会钻规则的漏洞吗()
- 火锅
- 拉黑家人一整年之后,以为会快乐,最后却抑郁症!!