官方建议accesstoken以及refeshtoken都存在服务器;必须只保存在服务器,不允许传给客户端。目前实现过程中发现refeshtoken 没到时间就提示无效token;{"errcode":40030,"errmsg":"invalid refresh_token, rid: 653a0fc4-7ff99a6e-73d634f8"}
是什么样机制导致失效,还是说code获取到的token,然后所有用户公用,失效通过refeshtoken 去刷新吗?
相关问题
相关文档
- Raw code: Mini Program/Development/Capabilities/Industry capability/Ride Code/Raw code
- 3、 sample code: Mini Program/Development/Capabilities/Industry capability/Ride Code/Raw code
- 3、 sample code: Mini Program/Development/Capabilities/Industry capability/Ride Code/Scan Code Payment
- Scan Code Payment: Mini Program/Development/Capabilities/Industry capability/Ride Code/Scan Code Payment
- Return code: 小商店/Development/Capabilities/Commercial capabilities/Trading component/Standard Trading Components and Open Interfaces/Server interface/Get and verify QR code interface/Generate QR code
不是的,每个用户的token只能用一次,你兑换好后,自己加密保存成为这个用户A的登录态,自己可以设置失效时间为了7200s,失效后再要求用户兑换token
获取后存在数据里,保存时间2个小时,超过两个小时了,更新一下