diff options
| author | nsfisis <nsfisis@gmail.com> | 2026-04-27 07:10:41 +0900 |
|---|---|---|
| committer | nsfisis <nsfisis@gmail.com> | 2026-04-27 07:10:41 +0900 |
| commit | e3576b4b3cb0428a6cc738289a66b7951a133320 (patch) | |
| tree | 2179760cf5ae1107c14254b109737899c706280d /src/server/middleware/index.ts | |
| parent | 38b8fc0e9927c4146b4c8b309b2bcc644abd63d0 (diff) | |
| download | kioku-e3576b4b3cb0428a6cc738289a66b7951a133320.tar.gz kioku-e3576b4b3cb0428a6cc738289a66b7951a133320.tar.zst kioku-e3576b4b3cb0428a6cc738289a66b7951a133320.zip | |
fix(auth): redirect to login page on session expiry
Previously when the session expired, the API client cleared tokens but
the UI displayed "Invalid or expired token" instead of redirecting to
the login page. The root cause was that isAuthenticatedAtom was derived
from userAtom only as a re-evaluation trigger, while the actual value
came from apiClient.isAuthenticated(). On page reload userAtom is null,
so setting it to null on session expiry did not trigger a re-render and
ProtectedRoute never redirected.
Make userAtom (persisted via atomWithStorage) the single source of truth
for auth state, derive isAuthenticatedAtom from it, drop the redundant
apiClient.isAuthenticated(), and explicitly navigate to /login on
session expiry. Also trigger session expiry when a 401 comes back with
no refresh token available.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Diffstat (limited to 'src/server/middleware/index.ts')
0 files changed, 0 insertions, 0 deletions