From 20fd25e2809b332680270faccd4bd15ef95a2145 Mon Sep 17 00:00:00 2001 From: kolaente Date: Sat, 10 Jul 2021 12:32:04 +0200 Subject: [PATCH] Add timeout to fix race condition when authenticating as a link share and renewing the token simultaneously Related #587 --- src/store/modules/auth.js | 33 +++++++++++++++++++-------------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/src/store/modules/auth.js b/src/store/modules/auth.js index 59ae66daf..65369a3e0 100644 --- a/src/store/modules/auth.js +++ b/src/store/modules/auth.js @@ -214,21 +214,26 @@ export default { }, // Renews the api token and saves it to local storage renewToken(ctx) { - if (!ctx.state.authenticated) { - return - } + // Timeout to avoid race conditions when authenticated as a user (=auth token in localStorage) and as a + // link share in another tab. Without the timeout both the token renew and link share auth are executed at + // the same time and one might win over the other. + setTimeout(() => { + if (!ctx.state.authenticated) { + return + } - refreshToken() - .then(() => { - ctx.dispatch('checkAuth') - }) - .catch(e => { - // Don't logout on network errors as the user would then get logged out if they don't have - // internet for a short period of time - such as when the laptop is still reconnecting - if (e.request.status) { - ctx.dispatch('logout') - } - }) + refreshToken() + .then(() => { + ctx.dispatch('checkAuth') + }) + .catch(e => { + // Don't logout on network errors as the user would then get logged out if they don't have + // internet for a short period of time - such as when the laptop is still reconnecting + if (e.request.status) { + ctx.dispatch('logout') + } + }) + }, 5000) }, logout(ctx) { removeToken()