Skip to content

Returns 401 when concurrent #94

Description

@activeliang

When access expires, if the user clicks quickly on the web page and triggers two requests at the same time, in this case, the new access can be refresh normally, but when the new access is used to request resources, it returns 401

I wrote a demo project to solve this problem:https://github.com/activeliang/try_jwt_session

To simulate the above situation, I wrote the following code:

# first login
@tokens = JSON.parse RestClient.post 'http://localhost:3000/login', name: 'user1', password: '123456'

# method
def refresh_access_and_get_posts
  new_tokens = JSON.parse RestClient.post 'http://localhost:3000/refresh', {}, { 'X-Refresh-Token': @tokens['tokens']['refresh'] }
  posts = JSON.parse RestClient.get 'http://localhost:3000/posts', { Authorization: "Bearer #{new_tokens['access']}"}
end

# it works normal
10.times {
  refresh_access_and_get_posts
}

# 401 will be returned when get posts
10.times{
  Thread.new {
    refresh_access_and_get_posts
  }
}

Is it because I did something wrong?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions