handle expired token being null and prevent constant rerender (#956)

* handle expired token being null and prevent constant rerender * reset defaults
2024-11-11 01:10:11 +01:00 · 2024-03-26 16:47:25 -07:00 · 2024-03-26 16:47:25 -07:00 · efe9dfa5e3
commit efe9dfa5e3
parent 1ecefe8bed
5 changed files with 21 additions and 9 deletions
--- a/frontend/src/components/Modals/Password/index.jsx
+++ b/frontend/src/components/Modals/Password/index.jsx
@ -34,7 +34,7 @@ export default function PasswordModal({ mode = "single" }) {
  );
 }

-export function usePasswordModal() {
+export function usePasswordModal(notry = false) {
  const [auth, setAuth] = useState({
    loading: true,
    requiresAuth: false,
@ -47,7 +47,7 @@ export function usePasswordModal() {

      // If the last validity check is still valid
      // we can skip the loading.
-      if (!System.needsAuthCheck()) {
+      if (!System.needsAuthCheck() && notry === false) {
        setAuth({
          loading: false,
          requiresAuth: false,
@ -60,7 +60,7 @@ export function usePasswordModal() {
      if (settings?.MultiUserMode) {
        const currentToken = window.localStorage.getItem(AUTH_TOKEN);
        if (!!currentToken) {
-          const valid = await System.checkAuth(currentToken);
+          const valid = notry ? false : await System.checkAuth(currentToken);
          if (!valid) {
            setAuth({
              loading: false,
@ -102,7 +102,7 @@ export function usePasswordModal() {

        const currentToken = window.localStorage.getItem(AUTH_TOKEN);
        if (!!currentToken) {
-          const valid = await System.checkAuth(currentToken);
+          const valid = notry ? false : await System.checkAuth(currentToken);
          if (!valid) {
            setAuth({
              loading: false,
@ -110,6 +110,8 @@ export function usePasswordModal() {
              mode: "single",
            });
            window.localStorage.removeItem(AUTH_TOKEN);
+            window.localStorage.removeItem(AUTH_USER);
+            window.localStorage.removeItem(AUTH_TIMESTAMP);
            return;
          } else {
            setAuth({
--- a/frontend/src/components/PrivateRoute/index.jsx
+++ b/frontend/src/components/PrivateRoute/index.jsx
@ -136,6 +136,6 @@ export default function PrivateRoute({ Component }) {
      <Component />
    </UserMenu>
  ) : (
-    <Navigate to={paths.login()} />
+    <Navigate to={paths.login(true)} />
  );
 }
--- a/frontend/src/pages/Login/index.jsx
+++ b/frontend/src/pages/Login/index.jsx
@ -3,9 +3,11 @@ import PasswordModal, { usePasswordModal } from "@/components/Modals/Password";
 import { FullScreenLoader } from "@/components/Preloader";
 import { Navigate } from "react-router-dom";
 import paths from "@/utils/paths";
+import useQuery from "@/hooks/useQuery";

 export default function Login() {
-  const { loading, requiresAuth, mode } = usePasswordModal();
+  const query = useQuery();
+  const { loading, requiresAuth, mode } = usePasswordModal(!!query.get("nt"));
  if (loading) return <FullScreenLoader />;
  if (requiresAuth === false) return <Navigate to={paths.home()} />;

--- a/frontend/src/utils/paths.js
+++ b/frontend/src/utils/paths.js
@ -4,8 +4,8 @@ export default {
  home: () => {
    return "/";
  },
-  login: () => {
-    return "/login";
+  login: (noTry = false) => {
+    return `/login${noTry ? "?nt=1" : ""}`;
  },
  onboarding: {
    home: () => {
--- a/server/utils/middleware/validatedRequest.js
+++ b/server/utils/middleware/validatedRequest.js
@ -38,9 +38,17 @@ async function validatedRequest(request, response, next) {

  const bcrypt = require("bcrypt");
  const { p } = decodeJWT(token);
+
+  if (p === null) {
+    response.status(401).json({
+      error: "Token expired or failed validation.",
+    });
+    return;
+  }
+
  if (!bcrypt.compareSync(p, bcrypt.hashSync(process.env.AUTH_TOKEN, 10))) {
    response.status(401).json({
-      error: "Invalid auth token found.",
+      error: "Invalid auth credentials.",
    });
    return;
  }