Remove user from stuck state if auth token refresh fails

backend/python/app/rest/auth_routes.py

@@ -31,6 +31,7 @@
     "httponly": True,
     "samesite": ("None" if os.getenv("PREVIEW_DEPLOY") else "Strict"),
     "secure": (os.getenv("FLASK_CONFIG") == "production"),
+    "max_age": 60 * 60 * 24 ,  # 1 day
 }
 
 

frontend/src/APIClients/AuthAPIClient.ts

@@ -134,7 +134,7 @@
   FetchResult<
     {
       logout: null;
-    },
+    }, 
     Record<string, unknown>,
     Record<string, unknown>
   >

frontend/src/APIClients/BaseAPIClient.ts

@@ -42,20 +42,25 @@
       (typeof decodedToken === "string" ||
         decodedToken.exp <= Math.round(new Date().getTime() / 1000))
     ) {
+      try {
       const { data } = await axios.post(
         `${process.env.REACT_APP_BACKEND_URL}/auth/refresh`,
         {},
         { withCredentials: true },
       );
 
       const accessToken = data.accessToken || data.access_token;
       setLocalStorageObjProperty(
         AUTHENTICATED_USER_KEY,
         "accessToken",
         accessToken,
       );
 
       newConfig.headers.Authorization = `Bearer ${accessToken}`;
+      } catch (error) {
+        localStorage.removeItem(AUTHENTICATED_USER_KEY);
+        window.location.href = "/login";
+      }
     }
   }
 

frontend/src/index.tsx

@@ -49,6 +49,7 @@ const authLink = setContext(async (_, { headers }) => {
       (typeof decodedToken === "string" ||
         decodedToken.exp <= Math.round(new Date().getTime() / 1000))
     ) {
+      try {
       const { data } = await axios.post(
         `${process.env.REACT_APP_BACKEND_URL}/graphql`,
         { query: REFRESH_MUTATION },
@@ -62,6 +63,10 @@ const authLink = setContext(async (_, { headers }) => {
         accessToken,
       );
       token = accessToken;
+      } catch {
+        localStorage.removeItem(AUTHENTICATED_USER_KEY);
+        window.location.reload();
+      }
     }
   }
   // return the headers to the context so httpLink can read them