Wael

Reputation: 1563

How to check correctly if the access token is expired from the front end even if the client PC time is wrong?

My PC time is 2 minutes behind the actual time. This is because it is on a network where the main PC has the wrong time. In any case, this happens to be a good example where the frontend considers that the token hasn't expired whereas in fact it has expired and the back end throws an error.

Currently, to know if the token is expired in the front end, I use the following:

if (this.jwtHelper.isTokenExpired(token)) {
  console.log("Token expired!");
}

Since my PC time is behind by 2 minutes, when the token expires, I still have 2 minutes where the frontend considers that this token is still valid. Is there a way to really know if a token is expired even with a wrong time setting on the client machine? Is this a real use case I have to worry about, or do I just need to fix my PC time and not worry about this issue?

Upvotes: 0

Views: 1079

Answers (2)

m.koch

Reputation: 144

The client will know when the server response status code is 401. This is the only legit source of truth.

Upvotes: 0

Eric Green

Reputation: 1283

I can't comment on JWT, because it's a bit more than I need for my application, but I do use token authentication. In my case, the tokens are cached on the server upon valid username/password authentication and are evicted from the cache when they expire. A client presenting an expired token throws a 401 (Unauthorized) HTTP error and my Angular interceptor catches this as an expired token and re-routes to the login view.

Upvotes: 1
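
The approach both answers describe, as an added example that is not code from the question or from either answerer: the server's 401 is treated as authoritative, and the local `exp` check is kept only as a hint. It goes one step beyond the answers by correcting the local clock with the server's HTTP `Date` response header. All function names (`decodeExp`, `clockOffsetMs`, `isLikelyExpired`, `authFetch`, `makeSampleToken`) and the 30-second leeway are assumptions.

```javascript
// Added example; every name here is hypothetical, not from a library.

// Read the `exp` claim (seconds since epoch). The signature is NOT verified:
// the client cannot do that, so the result is only a hint for the UI.
function decodeExp(token) {
  const payload = String(token).split('.')[1];
  if (!payload) return null;
  try {
    const json = atob(payload.replace(/-/g, '+').replace(/_/g, '/'));
    const exp = JSON.parse(json).exp;
    return typeof exp === 'number' ? exp : null;
  } catch (e) {
    return null; // malformed token: expiry unknown
  }
}

// Difference between server and local clocks, taken from a Date response header.
function clockOffsetMs(dateHeader, localNowMs) {
  const serverMs = Date.parse(dateHeader);
  return Number.isNaN(serverMs) ? 0 : serverMs - localNowMs;
}

// Local hint: expired on the skew-corrected clock, with a safety leeway.
function isLikelyExpired(token, localNowMs, offsetMs = 0, leewaySec = 30) {
  const exp = decodeExp(token);
  if (exp === null) return true; // unknown expiry is treated as expired
  return (localNowMs + offsetMs) / 1000 >= exp - leewaySec;
}

// The 401 from the server decides, whatever the local check said.
// fetchFn is injected (window.fetch in a browser); onExpired e.g. routes to login.
async function authFetch(fetchFn, url, token, onExpired) {
  const res = await fetchFn(url, { headers: { Authorization: `Bearer ${token}` } });
  if (res.status === 401) onExpired();
  return res;
}

// Constructed, unsigned sample token for demonstration only.
function makeSampleToken(exp) {
  const b64url = (o) => btoa(JSON.stringify(o))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${b64url({ alg: 'none' })}.${b64url({ exp })}.sig`;
}
```

The offset can be refreshed from the `Date` header of any response; if the header is missing or unparsable, `clockOffsetMs` returns 0 and the 401 path still catches the expiry.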
