0
Jeremy 创建
We are using token based authorization for our project. Everytime we grant permissions to a user, he has to request for a new token to get the permissions, is this the right way to update user's permissions? Are there any advices to optimize the authorization process please?
- ABP Framework version: v3.3.0
- UI type: Angular
- Tiered (MVC) or Identity Server Seperated (Angular): yes
- Exception message and stack trace:
- Steps to reproduce the issue:
3 答案
-
0
the granted permissions are stored in the claims and as far as I know there's only 1 way to get the new claims, relogin.
-
0
We havent implement the realtime notification to notify the client for a relogin. Are there any others options ? Is relogin necessary for cookie based authorization as well?
-
0
no need to relogin but needs page refresh to get the application-configuration. for MVC (cookie auth) , a page refresh is required to see the new permissions
