@faststore/core 3.90.1 → 3.91.0

package/.turbo/turbo-build.log

@@ -1,23 +1,23 @@
 
-> @faststore/core@3.90.0 prebuild /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 prebuild /home/runner/work/faststore/faststore/packages/core
 > na run partytown && na run generate
 
 
-> @faststore/core@3.90.0 partytown /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 partytown /home/runner/work/faststore/faststore/packages/core
 > partytown copylib ./public/~partytown
 
 Partytown lib copied to: /home/runner/work/faststore/faststore/packages/core/public/~partytown
 
-> @faststore/core@3.90.0 generate /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 generate /home/runner/work/faststore/faststore/packages/core
 > na run generate:schema && na run generate:codegen && na run format:generated
 
 
-> @faststore/core@3.90.0 generate:schema /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 generate:schema /home/runner/work/faststore/faststore/packages/core
 > tsx src/server/generator/generateGraphQLSchemaFile.ts
 
 Schema GraphQL file generated successfully
 
-> @faststore/core@3.90.0 generate:codegen /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 generate:codegen /home/runner/work/faststore/faststore/packages/core
 > graphql-codegen
 
 [STARTED] Parse Configuration
@@ -37,11 +37,11 @@ Running lifecycle hook "afterStart" scripts...
 [CLI] Loading Documents
 [CLI] Generating output
 
-> @faststore/core@3.90.0 format:generated /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 format:generated /home/runner/work/faststore/faststore/packages/core
 > prettier --write "@generated/**/*.{ts,js,tsx,jsx,json}" --loglevel error
 
 
-> @faststore/core@3.90.0 build /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 build /home/runner/work/faststore/faststore/packages/core
 > next build
 
 ⚠ No build cache found. Please configure build caching for faster rebuilds. Read more: https://nextjs.org/docs/messages/no-cache
@@ -89,7 +89,7 @@ Route (pages)                              Size     First Load JS
 ├ ● /login                                 1.7 kB          140 kB
 ├ λ /pvt/account                           247 B           108 kB
 ├ ● /pvt/account/[...unknown]              287 B           108 kB
-├ λ /pvt/account/403                       2.49 kB         141 kB
+├ λ /pvt/account/403                       2.98 kB         141 kB
 ├   └ css/c53b17b6fa994508.css             4.66 kB
 ├ λ /pvt/account/404                       2.18 kB         140 kB
 ├   └ css/ceb410a7062740d1.css             4.72 kB
@@ -107,8 +107,8 @@ Route (pages)                              Size     First Load JS
 + First Load JS shared by all              111 kB
   ├ chunks/framework-d514426edf885c68.js   45.4 kB
   ├ chunks/main-595f5e3b626b9fff.js        33.2 kB
-  ├ chunks/pages/_app-494fa821daae1608.js  25 kB
-  ├ chunks/webpack-7a160aaa24e51946.js     3.84 kB
+  ├ chunks/pages/_app-43bcb55c76e1d67e.js  25 kB
+  ├ chunks/webpack-083c0d59a2221fa9.js     3.84 kB
   └ css/24a5e8f6808266fe.css               3.53 kB
 
 λ  (Server)  server-side renders at runtime (uses getInitialProps or getServerSideProps)

package/.turbo/turbo-test.log

@@ -1,14 +1,14 @@
 
-> @faststore/core@3.90.0 test /home/runner/work/faststore/faststore/packages/core
+> @faststore/core@3.90.1 test /home/runner/work/faststore/faststore/packages/core
 > jest
 
-PASS test/server/cms/global.test.ts (27.025 s)
-PASS test/utils/multipleTemplates.test.ts (27.238 s)
+PASS test/utils/multipleTemplates.test.ts (27.219 s)
+PASS test/server/cms/global.test.ts (27.394 s)
 PASS test/server/cms/index.test.ts
-PASS test/server/index.test.ts (30.022 s)
+PASS test/server/index.test.ts (30.582 s)
 
 Test Suites: 4 passed, 4 total
 Tests:       22 passed, 22 total
 Snapshots:   0 total
-Time:        31.191 s
+Time:        31.91 s
 Ran all test suites.

package/@generated/schema.graphql

@@ -5,6 +5,8 @@ schema {
 
 directive @cacheControl(sMaxAge: Int, staleWhileRevalidate: Int, scope: String) on FIELD_DEFINITION
 
+directive @auth on FIELD_DEFINITION
+
 """Address information."""
 type Address {
   """Address postal code"""
@@ -948,12 +950,12 @@ type Query {
   product(
     """An array of selected search facets."""
     locator: [IStoreSelectedFacet!]!
-  ): StoreProduct! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): StoreProduct! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns the details of a collection based on the collection slug."""
   collection(
     """Collection slug."""
     slug: String!
-  ): StoreCollection! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): StoreCollection! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns the result of a product, facet, or suggestion search."""
   search(
     """Search pagination argument, indicating how many results should be returned from the complete result list."""
@@ -968,23 +970,23 @@ type Query {
     selectedFacets: [IStoreSelectedFacet!]
     """Search advertisement products return in result."""
     sponsoredCount: Int
-  ): StoreSearchResult! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): StoreSearchResult! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about all products."""
   allProducts(
     """Product pagination argument, indicating how many items should be returned from the complete result list."""
     first: Int!
     """Product pagination argument, indicating the cursor corresponding with the item after which the items should be fetched."""
     after: String
-  ): StoreProductConnection! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): StoreProductConnection! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about selected products."""
-  products(productIds: [String!]!): [StoreProduct!]! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  products(productIds: [String!]!): [StoreProduct!]! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about all collections."""
   allCollections(
     """Collection pagination argument, indicating how many items should be returned from the complete result list."""
     first: Int!
     """Collection pagination argument, indicating the cursor corresponding with the item after which the items should be fetched."""
     after: String
-  ): StoreCollectionConnection! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): StoreCollectionConnection! @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about shipping simulation."""
   shipping(
     """List of SKU products"""
@@ -993,7 +995,7 @@ type Query {
     postalCode: String!
     """Country of postal code"""
     country: String!
-  ): ShippingData @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): ShippingData @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns if there's a redirect for a search."""
   redirect(
     """Search term."""
@@ -1011,22 +1013,22 @@ type Query {
     country: String!
     """Sales channel of the navigation"""
     salesChannel: String
-  ): SellersData @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): SellersData @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about the profile."""
   profile(
     """Identifier for user."""
     id: String!
-  ): Profile @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): Profile @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns the total product count information based on a specific location accessible through the VTEX segment cookie."""
   productCount(
     """Search term."""
     term: String
-  ): ProductCountResult @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): ProductCountResult @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about the Details of an User Order."""
   userOrder(
     """Identifier for the order."""
     orderId: String!
-  ): UserOrderResult @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): UserOrderResult @auth @cacheControl(scope: "private", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about the list of Orders that the User can view."""
   listUserOrders(
     """Page number of the list of orders."""
@@ -1043,18 +1045,18 @@ type Query {
     text: String
     """Client email used to filter of the list of orders."""
     clientEmail: String
-  ): UserOrderListMinimalResult @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): UserOrderListMinimalResult @auth @cacheControl(scope: "private", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about the current user details."""
-  userDetails: StoreUserDetails! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  userDetails: StoreUserDetails! @auth @cacheControl(scope: "private", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns the account profile information for the current authenticated user (b2b or b2c user)."""
-  accountProfile: StoreAccountProfile! @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  accountProfile: StoreAccountProfile! @auth @cacheControl(scope: "private", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns information about the user validation."""
-  validateUser: ValidateUserData @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  validateUser: ValidateUserData @auth @cacheControl(scope: "private", sMaxAge: 300, staleWhileRevalidate: 3600)
   """Returns a list of pickup points near to the given geo coordinates."""
   pickupPoints(
     """Geo coordinates input."""
     geoCoordinates: IStoreGeoCoordinates
-  ): PickupPoints @cacheControl(scope: "public", sMaxAge: 120, staleWhileRevalidate: 3600)
+  ): PickupPoints @cacheControl(scope: "public", sMaxAge: 300, staleWhileRevalidate: 3600)
 }
 
 type ValidateUserData {

package/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [3.91.0](https://github.com/vtex/faststore/compare/v3.90.1...v3.91.0) (2025-10-24)
+
+### Features
+
+- user validation improvements + refresh token SSR and api - SFS-2909 ([#3065](https://github.com/vtex/faststore/issues/3065)) ([97071ee](https://github.com/vtex/faststore/commit/97071ee21fcee0b038dfafa06633ef597136898e))
+
 ## [3.90.1](https://github.com/vtex/faststore/compare/v3.90.0...v3.90.1) (2025-10-20)
 
 ### Bug Fixes

package/discovery.config.default.js

@@ -149,7 +149,7 @@ module.exports = {
     enableVtexAssetsLoader: false,
     graphqlCacheControl: {
       maxAge: 0, // 0 disables cache, 5 * 60 enable cache control maxAge 5 minutes
-      staleWhileRevalidate: 60,
+      staleWhileRevalidate: 60 * 60, // 1 hour
     },
     refreshToken: false,
   },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@faststore/core",
-  "version": "3.90.1",
+  "version": "3.91.0",
   "license": "MIT",
   "repository": "vtex/faststore",
   "browserslist": "supports es6-module and not dead",
@@ -44,7 +44,7 @@
     "@envelop/graphql-jit": "^8.0.3",
     "@envelop/parser-cache": "^6.0.2",
     "@envelop/validation-cache": "^6.0.2",
-    "@faststore/api": "^3.90.0",
+    "@faststore/api": "^3.91.0",
     "@faststore/graphql-utils": "^3.89.2",
     "@faststore/lighthouse": "^3.89.2",
     "@faststore/sdk": "^3.90.0",
@@ -116,5 +116,5 @@
     "ts-jest": "29.1.1",
     "typescript": "5.3.2"
   },
-  "gitHead": "63c402037eecf654247a393ce446167169466558"
+  "gitHead": "2f215352aeeea0063ea89cf4eab34fc25f29c813"
 }

package/src/experimental/{myAccountSeverSideProps.ts → myAccountServerSideProps.ts}

@@ -37,9 +37,10 @@ export const getServerSideProps: GetServerSideProps<
   Record<string, string>,
   Locator
 > = async (context) => {
-  const isValid = await validateUser(context)
+  const validationResult = await validateUser(context)
 
-  if (!isValid) {
+  // Guard clause: Early redirect to login if user is invalid and doesn't need refresh
+  if (!validationResult.isValid && !validationResult.needsRefresh) {
     return {
       redirect: {
         destination: '/login',
@@ -48,10 +49,16 @@ export const getServerSideProps: GetServerSideProps<
     }
   }
 
-  const isRepresentative = getIsRepresentative({
-    headers: context.req.headers as Record<string, string>,
-    account: storeConfig.api.storeId,
-  })
+  // Handle refresh token case with minimal props
+  if (!validationResult.isValid && validationResult.needsRefresh) {
+    const currentPath = context.req.url || '/pvt/account'
+    return {
+      redirect: {
+        destination: `/pvt/account/403?from=${encodeURIComponent(currentPath)}`,
+        permanent: false,
+      },
+    }
+  }
 
   const { isFaststoreMyAccountEnabled, redirect } = getMyAccountRedirect({
     query: context.query,
@@ -61,6 +68,11 @@ export const getServerSideProps: GetServerSideProps<
     return { redirect }
   }
 
+  const isRepresentative = getIsRepresentative({
+    headers: context.req.headers as Record<string, string>,
+    account: storeConfig.api.storeId,
+  })
+
   const [
     globalSectionsPromise,
     globalSectionsHeaderPromise,

package/src/pages/api/graphql.ts

@@ -10,7 +10,8 @@ import discoveryConfig from 'discovery.config'
 import { getJWTAutCookie, isExpired } from 'src/utils/getCookie'
 import { execute } from '../../server'
 
-const ONE_MINUTE = 60
+const DEFAULT_MAX_AGE = 5 * 60 // 5 minutes
+const DEFAULT_STALE_WHILE_REVALIDATE = 60 * 60 // 1 hour
 
 /**
  * This function replaces the setCookie domain so that we can use localhost in dev environment.
@@ -144,26 +145,34 @@ const handler: NextApiHandler = async (request, response) => {
       return
     }
 
-    const cacheControl =
-      !hasErrors && extensions.cacheControl
-        ? stringifyCacheControl(extensions.cacheControl)
-        : 'no-cache, no-store'
-
-    if (
+    if (extensions.cacheControl) {
+      const cacheControl = stringifyCacheControl(extensions.cacheControl)
+      response.setHeader('cache-control', cacheControl)
+    } else if (
       request.method === 'GET' &&
-      discoveryConfig?.experimental?.graphqlCacheControl?.maxAge
+      operation.__meta__.operationName?.toLowerCase()?.endsWith('query')
     ) {
-      const maxAge = discoveryConfig.experimental.graphqlCacheControl.maxAge
+      const maxAge =
+        discoveryConfig?.experimental?.graphqlCacheControl?.maxAge &&
+        discoveryConfig?.experimental?.graphqlCacheControl?.maxAge > 0
+          ? discoveryConfig.experimental.graphqlCacheControl.maxAge
+          : DEFAULT_MAX_AGE // 5 minutes
+
       const staleWhileRevalidate =
         discoveryConfig?.experimental?.graphqlCacheControl
-          ?.staleWhileRevalidate ?? ONE_MINUTE
+          ?.staleWhileRevalidate &&
+        discoveryConfig?.experimental?.graphqlCacheControl
+          ?.staleWhileRevalidate > 0
+          ? discoveryConfig.experimental.graphqlCacheControl
+              .staleWhileRevalidate
+          : DEFAULT_STALE_WHILE_REVALIDATE // 1 hour
 
       response.setHeader(
         'cache-control',
         `public, s-maxage=${maxAge}, stale-while-revalidate=${staleWhileRevalidate}`
       )
     } else {
-      response.setHeader('cache-control', cacheControl)
+      response.setHeader('cache-control', 'no-cache, no-store')
     }
 
     const setCookieValues = Array.from(extensions.cookies.values())

package/src/pages/pvt/account/403.tsx

@@ -19,13 +19,14 @@ import RenderSections from 'src/components/cms/RenderSections'
 import { OverriddenDefaultEmptyState as EmptyState } from 'src/components/sections/EmptyState/OverriddenDefaultEmptyState'
 import CUSTOM_COMPONENTS from 'src/customizations/src/components'
 import PLUGINS_COMPONENTS from 'src/plugins'
-import { validateUser } from 'src/sdk/account/validateUser'
+import { useRefreshToken } from 'src/sdk/account/useRefreshToken'
 import PageProvider from 'src/sdk/overrides/PageProvider'
 import { execute } from 'src/server'
-import { type PageContentType, getPage } from 'src/server/cms'
 import { injectGlobalSections } from 'src/server/cms/global'
 import { getMyAccountRedirect } from 'src/utils/myAccountRedirect'
 
+import storeConfig from 'discovery.config'
+
 /* A list of components that can be used in the CMS. */
 const COMPONENTS: Record<string, ComponentType<any>> = {
   ...GLOBAL_COMPONENTS,
@@ -34,14 +35,31 @@ const COMPONENTS: Record<string, ComponentType<any>> = {
 }
 
 type Props = {
-  globalSections: GlobalSectionsData
-  accountName: ServerAccountPageQueryQuery['accountProfile']['name']
+  globalSections?: GlobalSectionsData
+  accountName?: ServerAccountPageQueryQuery['accountProfile']['name']
+  needsRefreshToken?: boolean
+  fromPage?: string
 }
 
-function Page({ globalSections: globalSectionsProp, accountName }: Props) {
+function Page({
+  globalSections: globalSectionsProp,
+  accountName,
+  needsRefreshToken,
+  fromPage,
+}: Props) {
   const { sections: globalSections, settings: globalSettings } =
-    globalSectionsProp ?? {}
+    globalSectionsProp ?? { sections: [], settings: {} }
+
+  // Use the new hook to handle refresh token with session management
+  const { shouldShow403 } = useRefreshToken(needsRefreshToken, fromPage)
 
+  // Handle refresh token case - show loading while attempting refresh
+  if (needsRefreshToken && !shouldShow403) {
+    console.info('Refreshing authentication...')
+    return <></>
+  }
+
+  // Show 403 page if refresh failed or if we don't need refresh token
   return (
     <PageProvider context={{ globalSettings }}>
       <RenderSections globalSections={globalSections} components={COMPONENTS}>
@@ -77,13 +95,50 @@ export const getServerSideProps: GetServerSideProps<
   Record<string, string>,
   Locator
 > = async (context) => {
-  const isValid = await validateUser(context)
+  const [
+    globalSectionsPromise,
+    globalSectionsHeaderPromise,
+    globalSectionsFooterPromise,
+  ] = getGlobalSectionsData(context.previewData)
+
+  const [account, globalSections, globalSectionsHeader, globalSectionsFooter] =
+    await Promise.all([
+      execute<
+        ServerAccountPageQueryQueryVariables,
+        ServerAccountPageQueryQuery
+      >(
+        {
+          variables: {},
+          operation: query,
+        },
+        { headers: { ...context.req.headers } }
+      ),
+      globalSectionsPromise,
+      globalSectionsHeaderPromise,
+      globalSectionsFooterPromise,
+    ])
+
+  const globalSectionsResult = injectGlobalSections({
+    globalSections,
+    globalSectionsHeader,
+    globalSectionsFooter,
+  })
+
+  if (account.errors) {
+    console.error(...account.errors)
+
+    const statusCode: number = (account.errors[0] as any)?.extensions?.status
+
+    const fromPage =
+      typeof context.query.from === 'string' ? context.query.from : ''
 
-  if (!isValid) {
     return {
-      redirect: {
-        destination: '/login',
-        permanent: false,
+      props: {
+        globalSections: globalSectionsResult,
+        needsRefreshToken:
+          (statusCode === 401 || statusCode === 403) &&
+          storeConfig.experimental?.refreshToken,
+        fromPage,
       },
     }
   }
@@ -96,47 +151,11 @@ export const getServerSideProps: GetServerSideProps<
     return { redirect }
   }
 
-  const [
-    globalSectionsPromise,
-    globalSectionsHeaderPromise,
-    globalSectionsFooterPromise,
-  ] = getGlobalSectionsData(context.previewData)
-
-  const [
-    page,
-    account,
-    globalSections,
-    globalSectionsHeader,
-    globalSectionsFooter,
-  ] = await Promise.all([
-    getPage<PageContentType>({
-      ...(context.previewData?.contentType === '403' && context.previewData),
-      contentType: '403',
-    }),
-    execute<ServerAccountPageQueryQueryVariables, ServerAccountPageQueryQuery>(
-      {
-        variables: {},
-        operation: query,
-      },
-      { headers: { ...context.req.headers } }
-    ),
-    globalSectionsPromise,
-    globalSectionsHeaderPromise,
-    globalSectionsFooterPromise,
-  ])
-
-  const globalSectionsResult = injectGlobalSections({
-    globalSections,
-    globalSectionsHeader,
-    globalSectionsFooter,
-  })
-
   return {
     props: {
       // The sections from the CMS page are not utilized here for the My Account page.
-      // page,
       globalSections: globalSectionsResult,
-      accountName: account.data.accountProfile.name,
+      accountName: account?.data?.accountProfile?.name ?? '',
     },
   }
 }

package/src/pages/pvt/account/404.tsx

@@ -20,7 +20,6 @@ import RenderSections, {
 import { OverriddenDefaultEmptyState as EmptyState } from 'src/components/sections/EmptyState/OverriddenDefaultEmptyState'
 import CUSTOM_COMPONENTS from 'src/customizations/src/components'
 import PLUGINS_COMPONENTS from 'src/plugins'
-import { validateUser } from 'src/sdk/account/validateUser'
 import PageProvider from 'src/sdk/overrides/PageProvider'
 import { execute } from 'src/server'
 import { type PageContentType, getPage } from 'src/server/cms'
@@ -77,17 +76,6 @@ export const getServerSideProps: GetServerSideProps<
   Record<string, string>,
   Locator
 > = async (context) => {
-  const isValid = await validateUser(context)
-
-  if (!isValid) {
-    return {
-      redirect: {
-        destination: '/login',
-        permanent: false,
-      },
-    }
-  }
-
   const { isFaststoreMyAccountEnabled, redirect } = getMyAccountRedirect({
     query: context.query,
   })
@@ -125,6 +113,22 @@ export const getServerSideProps: GetServerSideProps<
     globalSectionsFooterPromise,
   ])
 
+  if (account.errors) {
+    console.error(...account.errors)
+
+    const statusCode: number = (account.errors[0] as any)?.extensions?.status
+
+    // Redirect to 403 for authentication errors (401/403) to handle token refresh
+    if (statusCode === 401 || statusCode === 403) {
+      return {
+        redirect: {
+          destination: `/pvt/account/403?from=${encodeURIComponent('/pvt/account/404')}`,
+          permanent: false,
+        },
+      }
+    }
+  }
+
   const globalSectionsResult = injectGlobalSections({
     globalSections,
     globalSectionsHeader,

package/src/pages/pvt/account/[...unknown].tsx

@@ -1,7 +1,7 @@
 import type { Locator } from '@vtex/client-cms'
 import type { GetStaticPaths, GetStaticProps } from 'next'
 
-import type { MyAccountProps } from 'src/experimental/myAccountSeverSideProps'
+import type { MyAccountProps } from 'src/experimental/myAccountServerSideProps'
 import { getMyAccountRedirect } from 'src/utils/myAccountRedirect'
 
 export default function Page() {

package/src/pages/pvt/account/index.tsx

@@ -1,5 +1,4 @@
 import type { GetServerSideProps, NextPage } from 'next'
-import { validateUser } from 'src/sdk/account/validateUser'
 import { getMyAccountRedirect } from 'src/utils/myAccountRedirect'
 
 const MyAccountRedirectPage: NextPage = () => {
@@ -10,17 +9,6 @@ export const getServerSideProps: GetServerSideProps = async ({
   query,
   req,
 }) => {
-  const isValid = await validateUser({ query, req } as any)
-
-  if (!isValid) {
-    return {
-      redirect: {
-        destination: '/login',
-        permanent: false,
-      },
-    }
-  }
-
   const { isFaststoreMyAccountEnabled, redirect } = getMyAccountRedirect({
     query,
   })

package/src/pages/pvt/account/orders/[id].tsx

@@ -7,8 +7,7 @@ import MyAccountOrderDetails from 'src/components/account/orders/MyAccountOrderD
 import RenderSections from 'src/components/cms/RenderSections'
 import { default as GLOBAL_COMPONENTS } from 'src/components/cms/global/Components'
 import CUSTOM_COMPONENTS from 'src/customizations/src/components'
-import type { MyAccountProps } from 'src/experimental/myAccountSeverSideProps'
-import { validateUser } from 'src/sdk/account/validateUser'
+import type { MyAccountProps } from 'src/experimental/myAccountServerSideProps'
 
 import { gql } from '@generated'
 import type {
@@ -268,17 +267,6 @@ export const getServerSideProps: GetServerSideProps<
   Record<string, string>,
   Locator
 > = async (context) => {
-  const isValid = await validateUser(context)
-
-  if (!isValid) {
-    return {
-      redirect: {
-        destination: '/login',
-        permanent: false,
-      },
-    }
-  }
-
   const isRepresentative = getIsRepresentative({
     headers: context.req.headers as Record<string, string>,
     account: storeConfig.api.storeId,
@@ -328,11 +316,16 @@ export const getServerSideProps: GetServerSideProps<
     console.error(...orderDetails.errors)
     const status = extractStatusFromError(orderDetails.errors?.[0])
 
-    const isForbidden = status === 403 || status === 401
+    // Redirect to 403 for authentication errors (401/403) to handle token refresh
+    // Redirect to 404 for other errors
+    const destination =
+      status === 403 || status === 401
+        ? `/pvt/account/403?from=${encodeURIComponent(`/pvt/account/orders/${context.params?.id}`)}`
+        : '/pvt/account/404'
 
     return {
       redirect: {
-        destination: isForbidden ? '/pvt/account/403' : '/pvt/account/404',
+        destination,
         permanent: false,
       },
     }