fix(auth): add retry and logging for token refresh failures

Add a single retry with a 1-second delay in the 401 interceptor's
doRefresh() before giving up on token renewal. This handles transient
failures like brief network blips or server restarts without immediately
logging the user out.

Also log refresh failures via console.warn so the reason is visible
in browser DevTools for easier diagnosis.

Ref: #2391
This commit is contained in:
kolaente 2026-04-03 20:18:11 +02:00 committed by kolaente
parent fd8a8ecba2
commit 4f232957c4
1 changed files with 14 additions and 5 deletions

View File

@ -38,11 +38,20 @@ async function doRefresh(): Promise<string | null> {
try {
await refreshToken(true)
return getToken()
} catch {
// Refresh failed. Don't remove the token here — in a multi-tab scenario,
// another tab may have successfully rotated the refresh token, and clearing
// localStorage would log out that tab too. Let the caller decide.
return null
} catch (_e) {
// Single retry after a short delay for transient failures (network
// blip, server restart). If this also fails, give up.
try {
await new Promise(resolve => setTimeout(resolve, 1000))
await refreshToken(true)
return getToken()
} catch (retryErr) {
// Refresh failed. Don't remove the token here — in a multi-tab scenario,
// another tab may have successfully rotated the refresh token, and clearing
// localStorage would log out that tab too. Let the caller decide.
console.warn('[Vikunja] Token refresh failed:', retryErr)
return null
}
}
}