diff --git a/frontend/src/components/Modals/Password/index.jsx b/frontend/src/components/Modals/Password/index.jsx
index 00fefe4e..d31b80fd 100644
--- a/frontend/src/components/Modals/Password/index.jsx
+++ b/frontend/src/components/Modals/Password/index.jsx
@@ -34,7 +34,7 @@ export default function PasswordModal({ mode = "single" }) {
);
}
-export function usePasswordModal() {
+export function usePasswordModal(notry = false) {
const [auth, setAuth] = useState({
loading: true,
requiresAuth: false,
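Review bot: The new `notry` parameter on `usePasswordModal` has no documentation, and its spelling differs from the `noTry` argument this same commit adds to `paths.login`. Consider `export function usePasswordModal(noTry = false) {` with a one-line JSDoc above it, e.g. `/** @param {boolean} noTry - when true, skip the cached-validity shortcut and treat any stored token as invalid without calling System.checkAuth. */`. The hook's body continues outside this hunk, so the description should be checked against the full function.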
@@ -47,7 +47,7 @@ export function usePasswordModal() {
// If the last validity check is still valid
// we can skip the loading.
- if (!System.needsAuthCheck()) {
+ if (!System.needsAuthCheck() && notry === false) {
setAuth({
loading: false,
requiresAuth: false,
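Review bot: The `notry === false` comparison here is stricter than the truthiness test used for the same flag in the two `notry ? false : await System.checkAuth(currentToken)` lines later in the hook. A caller passing `null` or `0` would skip this fast path and still reach `checkAuth`, so the flag would mean two different things. Using `if (!System.needsAuthCheck() && !notry) {` keeps the three sites consistent. The surrounding effect body is only partly visible in this hunk.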
@@ -60,7 +60,7 @@ export function usePasswordModal() {
if (settings?.MultiUserMode) {
const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
- const valid = await System.checkAuth(currentToken);
+ const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
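Review bot: With `notry` set, `valid` is forced to `false` and the `!valid` branch runs without asking the server. In the single-password copy of this line (the `@@ -102` hunk) that branch removes `AUTH_TOKEN`, `AUTH_USER` and `AUTH_TIMESTAMP` from localStorage. Because Login derives the flag from the `nt` query parameter, any link to `/login?nt=1` would discard a still-valid session on the client. If the flag is only meant for in-app redirects after a rejected request, carrying it in router state (e.g. `state={{ noTry: true }}` on the redirect) keeps it out of the URL. Alternatively, keep the `System.checkAuth` call and let `nt` bypass only the cached-validity shortcut. The remainder of this branch is outside the hunk, so what the multi-user path clears could not be confirmed.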
@@ -102,7 +102,7 @@ export function usePasswordModal() {
const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
- const valid = await System.checkAuth(currentToken);
+ const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
@@ -110,6 +110,8 @@ export function usePasswordModal() {
mode: "single",
});
window.localStorage.removeItem(AUTH_TOKEN);
+ window.localStorage.removeItem(AUTH_USER);
+ window.localStorage.removeItem(AUTH_TIMESTAMP);
return;
} else {
setAuth({
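Review bot: `AUTH_USER` and `AUTH_TIMESTAMP` are referenced in the two added `removeItem` lines, but no hunk in this file touches the import section, so please confirm both are already imported alongside `AUTH_TOKEN`. If they are not, this path would throw a ReferenceError exactly when an invalid token is being cleaned up. It is also worth checking that the multi-user `!valid` branch (the `@@ -60` hunk, body not visible here) clears the same three keys. A small shared helper that removes all three would keep the two branches from drifting.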
diff --git a/frontend/src/components/PrivateRoute/index.jsx b/frontend/src/components/PrivateRoute/index.jsx
index 165141bb..1b4c71fb 100644
--- a/frontend/src/components/PrivateRoute/index.jsx
+++ b/frontend/src/components/PrivateRoute/index.jsx
@@ -136,6 +136,6 @@ export default function PrivateRoute({ Component }) {
) : (
-
+
);
}
diff --git a/frontend/src/pages/Login/index.jsx b/frontend/src/pages/Login/index.jsx
index cf8ab249..4e77a5c6 100644
--- a/frontend/src/pages/Login/index.jsx
+++ b/frontend/src/pages/Login/index.jsx
@@ -3,9 +3,11 @@ import PasswordModal, { usePasswordModal } from "@/components/Modals/Password";
import { FullScreenLoader } from "@/components/Preloader";
import { Navigate } from "react-router-dom";
import paths from "@/utils/paths";
+import useQuery from "@/hooks/useQuery";
export default function Login() {
- const { loading, requiresAuth, mode } = usePasswordModal();
+ const query = useQuery();
+ const { loading, requiresAuth, mode } = usePasswordModal(!!query.get("nt"));
if (loading) return ;
if (requiresAuth === false) return ;
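Review bot: `!!query.get("nt")` treats any non-empty value as true, so `?nt=0` or `?nt=false` also forces the stored token to be treated as invalid. `paths.login` only ever emits `nt=1`, so matching that exact value is safer for a flag that ends in clearing the session: `const { loading, requiresAuth, mode } = usePasswordModal(query.get("nt") === "1");`. The rest of `Login` lies outside this hunk.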
diff --git a/frontend/src/utils/paths.js b/frontend/src/utils/paths.js
index 0f42e223..5625fafb 100644
--- a/frontend/src/utils/paths.js
+++ b/frontend/src/utils/paths.js
@@ -4,8 +4,8 @@ export default {
home: () => {
return "/";
},
- login: () => {
- return "/login";
+ login: (noTry = false) => {
+ return `/login${noTry ? "?nt=1" : ""}`;
},
onboarding: {
home: () => {
diff --git a/server/utils/middleware/validatedRequest.js b/server/utils/middleware/validatedRequest.js
index 6f3df26d..551090a0 100644
--- a/server/utils/middleware/validatedRequest.js
+++ b/server/utils/middleware/validatedRequest.js
@@ -38,9 +38,17 @@ async function validatedRequest(request, response, next) {
const bcrypt = require("bcrypt");
const { p } = decodeJWT(token);
+
+ if (p === null) {
+ response.status(401).json({
+ error: "Token expired or failed validation.",
+ });
+ return;
+ }
+
if (!bcrypt.compareSync(p, bcrypt.hashSync(process.env.AUTH_TOKEN, 10))) {
response.status(401).json({
- error: "Invalid auth token found.",
+ error: "Invalid auth credentials.",
});
return;
}
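Review bot: The added `p === null` guard only rejects an exact `null`. If `decodeJWT` can return an object where `p` is `undefined` or not a string (its implementation is not visible here), the value still reaches `bcrypt.compareSync` and would likely throw instead of returning a 401. A type check covers those cases: `if (typeof p !== "string" || p.length === 0) {`. Separately, the unchanged `bcrypt.hashSync(process.env.AUTH_TOKEN, 10)` re-hashes the secret synchronously on every validated request, which blocks the event loop; computing that hash once at startup, or comparing the decoded value with a constant-time comparison, would avoid the cost. `validatedRequest` begins and ends outside this hunk.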