I don't quite understand why it is necessary to judge the login status of the user at the front end.

1. the expiration time of token should be set in the background. The front end determines whether the user logs in by the existence of token or not. There is no uniform time for users to log in
.
2. if token is used as a user status credential, it should be sent to the background for verification instead of front-end authentication

the front end sends the token to the backend together when the request is made. The backend decides whether it needs to redirect to the home page according to the situation.

I think the maintenance of login state must be done by server. Token is the key to interact with server. The front end only needs to bring token every time the service is called, and the timeliness is controlled by the server. Login- > token, is a credential used to interact with the backend and can do a lot of things. At the same time, token can also determine whether a user needs to be re-authorized. The background interaction after a user acquires token on the same client is almost based on token, so what you should consider is how to ensure the storage security of token, which can be stored in cookie, or memory, and can also provide a more secure mechanism than token. I think the security level of token alone is still very low. Hackers have more means than I thought, and hackers don't sabotage them.

forgot to answer your question? let the server write an interceptor to intercept the request to determine the login status. It is useless for the client to do this.