Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How do you redirect if a token has expired? #161

Closed
jacobtipp opened this issue Apr 15, 2016 · 3 comments
Closed

How do you redirect if a token has expired? #161

jacobtipp opened this issue Apr 15, 2016 · 3 comments
Labels

Comments

@jacobtipp
Copy link

This seems a bit trivial, however, I have not used JWT with Hapi.js before. Currently I am testing my auth flow by having a user login via a form, and wrapping a cookie with a JWT back to the client. For testing purposes I'm making the token expire in 1 minute. I want to be able to redirect to the /login view if the token has expired. The default behavior for this plugin seems to be a 401 response, which makes sense but if I want to capture this and redirect, I'm not exactly sure how to do it. I've tried setting ignoreExpiration to true, but I believe validateFunc isn't responsible for redirects of any kind.

Any help would be appreciated.

@nelsonic
Copy link
Member

good question @traducer
yes, the validateFunc is not responsible for re-direct.
Typically people write an onPreResponse extension plugin for their Web Apps which allows them to intercept any/all errors and show the relevant page.
Let us know if you need a working example of this.
relates to: dwyl/hapi-login-example-postgres#19

@nelsonic
Copy link
Member

nelsonic commented Aug 22, 2016

@traducer & @goncalvesr2 we have just released an update to hapi-error which helps you easily redirect to any url you define if the Auth check fails (i.e. statusCode 401) see: https://github.com/dwyl/hapi-error#redirecting-to-another-endpoint

@shanemacbride
Copy link

Just chiming in here to say I followed @nelsonic 's advice with utilizing an onPreResponse func to intercept the 401, clear the cookie, and redirect. 👍 thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants