@spidy092/auth-client 2.1.6 → 2.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/api.js +1 -1
- package/core.js +18 -3
- package/package.json +1 -1
package/api.js
CHANGED
package/core.js
CHANGED
|
@@ -116,7 +116,7 @@ async function routerLogout(clientKey, authBaseUrl, accountUiUrl, token) {
|
|
|
116
116
|
|
|
117
117
|
try {
|
|
118
118
|
const response = await fetch(`${authBaseUrl}/logout/${clientKey}`, {
|
|
119
|
-
method: '
|
|
119
|
+
method: 'POST',
|
|
120
120
|
credentials: 'include',
|
|
121
121
|
headers: {
|
|
122
122
|
'Authorization': token ? `Bearer ${token}` : '',
|
|
@@ -414,8 +414,23 @@ export function startProactiveRefresh() {
|
|
|
414
414
|
startProactiveRefresh();
|
|
415
415
|
} catch (err) {
|
|
416
416
|
console.error('❌ Proactive refresh failed:', err);
|
|
417
|
-
|
|
418
|
-
|
|
417
|
+
|
|
418
|
+
// Check if this is a permanent failure (token revoked, invalid, etc.)
|
|
419
|
+
const errorMessage = err.message?.toLowerCase() || '';
|
|
420
|
+
const isPermanentFailure =
|
|
421
|
+
errorMessage.includes('401') ||
|
|
422
|
+
errorMessage.includes('revoked') ||
|
|
423
|
+
errorMessage.includes('invalid') ||
|
|
424
|
+
errorMessage.includes('expired') ||
|
|
425
|
+
errorMessage.includes('unauthorized');
|
|
426
|
+
|
|
427
|
+
if (isPermanentFailure) {
|
|
428
|
+
console.log('🚨 Token permanently invalid, triggering session expiry');
|
|
429
|
+
notifySessionInvalid('refresh_token_revoked');
|
|
430
|
+
} else {
|
|
431
|
+
// Temporary failure (network issue), try again in 30 seconds
|
|
432
|
+
proactiveRefreshTimer = setTimeout(() => startProactiveRefresh(), 30000);
|
|
433
|
+
}
|
|
419
434
|
}
|
|
420
435
|
}, refreshIn);
|
|
421
436
|
|