如何覆盖午睡中某些资源的默认(“**”)装饰器?
How to override default ("**") decorator for certain resource in siesta?
我正在尝试在服务器上将 Siesta swift 包与我的 API 一起使用。我们已经使用访问和刷新令牌设置了 JWT 身份验证。我们可以通过刷新过程成功验证并获取新的访问令牌。但是我们做出的解决方案让我觉得有点老套。
我们正在使用这样的请求装饰器
func init() {
service.configure("**") {
if let session = self.appSession {
[=10=].headers["Authorization"] = "Bearer \(session.tokens.access)"
}
[=10=].decorateRequests {
self.globalApiFailHandler(request: )
}
}
service.configure(authRefreshResource) {
if let session = self.appSession {
[=10=].headers["Authorization-Refresh"] = "Bearer \(session.tokens.refresh)"
}
[=10=].decorateRequests {
self.refreshTokenFailure(request: )
}
}
}
private func globalApiFailHandler(request: Siesta.Request) -> Request {
return request.chained { //special case to Refresh Token On Auth Failure
if case
.failure(let error) = [=10=].response, // Did request fail…
error.httpStatusCode == 401, // …because of expired token?
self.appSession != nil { // we have refreshToken
log.warning("Seems like Access Token is expired, Trying to refresh it!")
return .passTo(
self.refreshAuth().chained { // first request a new token, then:
if case .failure = [=10=].response { // If token request failed…
return .useThisResponse // …report that error.
} else {
return .passTo(request.repeated()) // We have a new token! Repeat the original request.
}
}
)
}
if case
.failure(let error) = [=10=].response,
error.httpStatusCode != 409 {
log.warning("Something went wrong during request: \(error)")
self.retryLaterEvent() // TODO: Really need this here?
}
return .useThisResponse // If not, use the response we got.
}
}
private func refreshTokenFailure(request: Siesta.Request) -> Request {
return request.chained {
if case
.failure(let error) = [=10=].response { // Did request fail…
log.error("Refresh token procedure failed with \(error).")
if error.httpStatusCode == 409 {
log.warning("409, Resetting app session storage! Relogin or app recreation is needed!")
self.relogin = true //Reset saved sessions to create new app
self.reloginEvent()
} else {
log.warning("Something went wrong during refresh token procedure. Please retry later!")
self.retryLaterEvent()
}
///let requestError = RequestError(userMessage: "Unable to refresh access token", cause: "")
let response = Response.failure(error) //(requestError)
let responseInfo = ResponseInfo(response: response)
return .useResponse(responseInfo) // If not, use the response we got.
}
return .useThisResponse // We have new token!
}
}
请注意 409
return 代码检查 globalApiFailHandler
。它在那里是因为全局装饰器总是被调用 authRefreshResource
。如果我们忽略该检查,API 将在某些服务器错误下陷入无限循环刷新令牌。
问题是如何为我们想要的特定资源禁用全局装饰器?有了这个就可以优雅地解决我们的问题了。
您可以将任意谓词传递给 configure(whenURLMatches:)
,这样您就可以像手术一样排除任何您喜欢的东西:
service.configure(whenURLMatches: { url in url.path != "/auth" }) {
...
}
或者,如果像您的情况一样,您想排除一个 URL,而您手头有 Resource
:
service.configure(whenURLMatches: { [=11=] != authRefreshResource.url }) {
...
}
我正在尝试在服务器上将 Siesta swift 包与我的 API 一起使用。我们已经使用访问和刷新令牌设置了 JWT 身份验证。我们可以通过刷新过程成功验证并获取新的访问令牌。但是我们做出的解决方案让我觉得有点老套。
我们正在使用这样的请求装饰器
func init() {
service.configure("**") {
if let session = self.appSession {
[=10=].headers["Authorization"] = "Bearer \(session.tokens.access)"
}
[=10=].decorateRequests {
self.globalApiFailHandler(request: )
}
}
service.configure(authRefreshResource) {
if let session = self.appSession {
[=10=].headers["Authorization-Refresh"] = "Bearer \(session.tokens.refresh)"
}
[=10=].decorateRequests {
self.refreshTokenFailure(request: )
}
}
}
private func globalApiFailHandler(request: Siesta.Request) -> Request {
return request.chained { //special case to Refresh Token On Auth Failure
if case
.failure(let error) = [=10=].response, // Did request fail…
error.httpStatusCode == 401, // …because of expired token?
self.appSession != nil { // we have refreshToken
log.warning("Seems like Access Token is expired, Trying to refresh it!")
return .passTo(
self.refreshAuth().chained { // first request a new token, then:
if case .failure = [=10=].response { // If token request failed…
return .useThisResponse // …report that error.
} else {
return .passTo(request.repeated()) // We have a new token! Repeat the original request.
}
}
)
}
if case
.failure(let error) = [=10=].response,
error.httpStatusCode != 409 {
log.warning("Something went wrong during request: \(error)")
self.retryLaterEvent() // TODO: Really need this here?
}
return .useThisResponse // If not, use the response we got.
}
}
private func refreshTokenFailure(request: Siesta.Request) -> Request {
return request.chained {
if case
.failure(let error) = [=10=].response { // Did request fail…
log.error("Refresh token procedure failed with \(error).")
if error.httpStatusCode == 409 {
log.warning("409, Resetting app session storage! Relogin or app recreation is needed!")
self.relogin = true //Reset saved sessions to create new app
self.reloginEvent()
} else {
log.warning("Something went wrong during refresh token procedure. Please retry later!")
self.retryLaterEvent()
}
///let requestError = RequestError(userMessage: "Unable to refresh access token", cause: "")
let response = Response.failure(error) //(requestError)
let responseInfo = ResponseInfo(response: response)
return .useResponse(responseInfo) // If not, use the response we got.
}
return .useThisResponse // We have new token!
}
}
请注意 409
return 代码检查 globalApiFailHandler
。它在那里是因为全局装饰器总是被调用 authRefreshResource
。如果我们忽略该检查,API 将在某些服务器错误下陷入无限循环刷新令牌。
问题是如何为我们想要的特定资源禁用全局装饰器?有了这个就可以优雅地解决我们的问题了。
您可以将任意谓词传递给 configure(whenURLMatches:)
,这样您就可以像手术一样排除任何您喜欢的东西:
service.configure(whenURLMatches: { url in url.path != "/auth" }) {
...
}
或者,如果像您的情况一样,您想排除一个 URL,而您手头有 Resource
:
service.configure(whenURLMatches: { [=11=] != authRefreshResource.url }) {
...
}