fix: refresh returning 401 not properly logging you out of client

2025-05-28 02:24:54 +02:00 · 2025-05-28 02:24:54 +02:00 · a15f85a082
commit a15f85a082
parent 6a11108ec1
2 changed files with 79 additions and 70 deletions
--- a/composables/auth.ts
+++ b/composables/auth.ts
@ -30,11 +30,11 @@ export const useAuth = () => {
      {
        username, password: hashedPass, device_name: "Linux Laptop"
      }
-    }) as { access_token: string, refresh_token: string }; fetch
+    }) as { access_token: string, refresh_token: string };
    console.log("hi");
    accessToken.value = res.access_token;
    console.log("access token:", accessToken.value);
-    await fetchUser();
+    //await fetchUser();
  }
  async function logout(password: string) {
@ -60,19 +60,17 @@ export const useAuth = () => {
  async function refresh() {
    console.log("refreshing");
-    try {
+	const res = await fetchWithApi("/auth/refresh", {
-      const res = await fetchWithApi("/auth/refresh", {
+	method: "POST"
-        method: "POST"
+	}) as any;
-      }) as { access_token: string };
+	console.log("finished refreshing:", res);
-      accessToken.value = res.access_token;
+	accessToken.value = res?.access_token;
-      console.log("set new access token");
+	console.log("set new access token");
    } catch (error) {
      console.error("refresh error:", error);
    }
  }
  async function fetchUser() {
    if (!accessToken.value) return;
 	console.log("fetchuser access token:", accessToken.value);
    const res = await fetchWithApi("/users/me") as UserResponse;
    user.value = res;
    return user.value;
--- a/utils/fetchWithApi.ts
+++ b/utils/fetchWithApi.ts
@ -9,63 +9,74 @@ export default async <T>(path: string, options: NitroFetchOptions<string> = {})
    path = path.slice(0, path.lastIndexOf("/"));
  }
  console.log("formatted path:", path);
-  try {
+	const accessToken = useCookie("access_token");
-    const accessToken = useCookie("access_token");
+	console.log("access token:", accessToken.value);
-    console.log("access token:", accessToken.value);
+	const apiBase = useCookie("api_base").value;
-    const apiBase = useCookie("api_base").value;
+	const apiVersion = useRuntimeConfig().public.apiVersion;
-    const apiVersion = useRuntimeConfig().public.apiVersion;
+	console.log("heyoooo")
-    console.log("heyoooo")
+	console.log("apiBase:", apiBase);
-    console.log("apiBase:", apiBase);
+	if (!apiBase) {
-    if (!apiBase) {
+		console.log("no api base");
-      console.log("no api base");
+		return;
-      return;
+	}
-    }
+	console.log("path:", path)
-    console.log("path:", path)
+	const { revoke, refresh } = useAuth();
-    const { revoke, refresh } = useAuth();
+	console.log("access token 2:", accessToken.value);
    console.log("access token 2:", accessToken.value);
-    let headers: HeadersInit = {};
+	let headers: HeadersInit = {};
-    if (accessToken.value) {
+	if (accessToken.value) {
-      headers = {
+		headers = {
-        ...options.headers,
+		...options.headers,
-        "Authorization": `Bearer ${accessToken.value}`
+		"Authorization": `Bearer ${accessToken.value}`
-      };
+		};
-    } else {
+	} else {
-      headers = {
+		headers = {
-        ...options.headers
+		...options.headers
-      };
+		};
-    }
+	}
-    let reauthFailed = false;
+	let reauthFailed = false;
-    while (!reauthFailed) {
+	while (!reauthFailed) {
-      try {
+		try {
-        console.log("fetching:", URL.parse(apiBase + path));
+		console.log("fetching:", URL.parse(apiBase + path));
-        const res = await $fetch<T>(URL.parse(apiBase + path)!.href, {
+		const res = await $fetch<T>(URL.parse(apiBase + path)!.href, {
-          ...options,
+			...options,
-          headers,
+			headers,
-          credentials: "include"
+			credentials: "include"
-        });
+		});
-        return res;
+		return res;
-      } catch (error: any) {
+		} catch (error: any) {
-        if (error?.response?.status === 401) {
+		console.error("Error fetching resource");
-          if (!path.startsWith("/auth/refresh")) {
+		if (error?.response?.status === 401) {
-            try {
+			console.log("Error status is 401");
-              await refresh();
+			if (!path.startsWith("/auth/refresh")) {
-            } catch (error: any) {
+			console.log("Path is not refresh endpoint");
-              if (error?.response?.status === 401) {
+			try {
-                reauthFailed = true;
+				console.log("Trying to refresh");
-                await revoke();
+				await refresh();
-                return;
+				console.log("Successfully refreshed token");
-              }
+			} catch (error: any) {
-            }
+				console.log("Failed to refresh token");
-          }
+				if (error?.response?.status === 401) {
-        }
+				console.log("Refresh returned 401");
-        throw error;
+				reauthFailed = true;
-      }
+				console.log("Revoking");
-    }
+				await revoke();
-  } catch (error) {
+				console.log("Redirecting to login");
-    console.error("error:", error);
+				await navigateTo("/login");
-  }
+				console.log("redirected");
 				return;
 				}
 			}
 			} else {
 			console.log("Path is refresh endpoint, throwing error");
 			throw error;
 			}
 		}
 		console.log("throwing error");
 		throw error;
 		}
 	}
 }