boha_admin/app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 26 Wiki Activity

fix: only show session-expired alert when user had a valid session

Browse Source 
Added hadValidSessionRef to track whether the user was ever
authenticated during this page load. setSessionExpired() in
silentRefresh now only fires when the ref is true, preventing
the alert on direct visits by unauthenticated users.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
BOHA
2026-04-28 12:16:26 +02:00
parent d1c5234a03
commit 12289bdce3
1 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/admin/context/AuthContext.tsx
View File

@@ -90,6 +90,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
const cachedUserRef = useRef<User | null>(null); const cachedUserRef = useRef<User | null>(null);
const sessionFetchedRef = useRef(false); const sessionFetchedRef = useRef(false);
const silentRefreshInFlightRef = useRef<Promise<boolean> | null>(null); const silentRefreshInFlightRef = useRef<Promise<boolean> | null>(null);
const hadValidSessionRef = useRef(false);
const [user, setUser] = useState<User | null>(cachedUserRef.current); const [user, setUser] = useState<User | null>(cachedUserRef.current);
const [loading, setLoading] = useState(!sessionFetchedRef.current); const [loading, setLoading] = useState(!sessionFetchedRef.current);
const [error, setError] = useState<string | null>(null); const [error, setError] = useState<string | null>(null);
@@ -138,13 +139,14 @@ export function AuthProvider({ children }: { children: ReactNode }) {
if (data.success && data.data?.access_token) { if (data.success && data.data?.access_token) {
setAccessTokenFn(data.data.access_token, data.data.expires_in); setAccessTokenFn(data.data.access_token, data.data.expires_in);
setUser(mapUser(data.data.user)); setUser(mapUser(data.data.user));
hadValidSessionRef.current = true;
return true; return true;
} }
accessTokenRef.current = null; accessTokenRef.current = null;
tokenExpiresAtRef.current = null; tokenExpiresAtRef.current = null;
setUser(null); setUser(null);
cachedUserRef.current = null; cachedUserRef.current = null;
setSessionExpired(); if (hadValidSessionRef.current) setSessionExpired();
return false; return false;
} catch { } catch {
// Network error — don't kick the user out, just return false // Network error — don't kick the user out, just return false
@@ -178,6 +180,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
if (data.data.access_token) setAccessTokenFn(data.data.access_token); if (data.data.access_token) setAccessTokenFn(data.data.access_token);
setUser(mapUser(data.data.user)); setUser(mapUser(data.data.user));
cachedUserRef.current = mapUser(data.data.user); cachedUserRef.current = mapUser(data.data.user);
hadValidSessionRef.current = true;
return true; return true;
} }
} }
@@ -233,6 +236,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
setUser(mapUser(data.data.user)); setUser(mapUser(data.data.user));
cachedUserRef.current = mapUser(data.data.user); cachedUserRef.current = mapUser(data.data.user);
sessionFetchedRef.current = true; sessionFetchedRef.current = true;
hadValidSessionRef.current = true;
return { success: true }; return { success: true };
} }
setError(data.error); setError(data.error);
@@ -273,6 +277,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
setUser(mapUser(data.data.user)); setUser(mapUser(data.data.user));
cachedUserRef.current = mapUser(data.data.user); cachedUserRef.current = mapUser(data.data.user);
sessionFetchedRef.current = true; sessionFetchedRef.current = true;
hadValidSessionRef.current = true;
return { success: true }; return { success: true };
} }
setError(data.error); setError(data.error);
@@ -302,6 +307,7 @@ export function AuthProvider({ children }: { children: ReactNode }) {
setUser(null); setUser(null);
cachedUserRef.current = null; cachedUserRef.current = null;
sessionFetchedRef.current = false; sessionFetchedRef.current = false;
hadValidSessionRef.current = false;
if (refreshTimeoutRef.current) { if (refreshTimeoutRef.current) {
clearTimeout(refreshTimeoutRef.current); clearTimeout(refreshTimeoutRef.current);
refreshTimeoutRef.current = null; refreshTimeoutRef.current = null;