From 641793b2c41810df36e1396d98e7a9756fdb56fc Mon Sep 17 00:00:00 2001 From: Alexander Schmidt Date: Sat, 7 Feb 2026 15:31:10 +0100 Subject: [PATCH] fix: prevent auth logout by sending refresh request without expired access token header --- js/services/directus.js | 22 +++++++++++++++------- js/services/notifications.js | 9 ++++++++- 2 files changed, 23 insertions(+), 8 deletions(-) diff --git a/js/services/directus.js b/js/services/directus.js index cf357bd..c944e74 100644 --- a/js/services/directus.js +++ b/js/services/directus.js @@ -285,16 +285,24 @@ class DirectusService { if (!this.refreshToken) return false try { - const response = await this.post('/auth/refresh', { - refresh_token: this.refreshToken, - mode: 'json' + const response = await fetch(`${this.baseUrl}/auth/refresh`, { + method: 'POST', + headers: { 'Content-Type': 'application/json' }, + body: JSON.stringify({ + refresh_token: this.refreshToken, + mode: 'json' + }) }) + + if (!response.ok) throw new Error('Refresh failed') + + const result = await response.json() - if (response.data) { + if (result.data) { this.saveTokens( - response.data.access_token, - response.data.refresh_token, - response.data.expires + result.data.access_token, + result.data.refresh_token, + result.data.expires ) return true } diff --git a/js/services/notifications.js b/js/services/notifications.js index 56c4427..ae7d5f7 100644 --- a/js/services/notifications.js +++ b/js/services/notifications.js @@ -33,6 +33,11 @@ class NotificationsService { async refresh() { if (!this.userHash) return + if (!auth.isLoggedIn()) { + this.destroy() + return + } + try { const [count, notifications] = await Promise.all([ directus.getUnreadCount(this.userHash), @@ -42,7 +47,9 @@ class NotificationsService { this.notifications = notifications this.notify() } catch (e) { - console.error('Failed to fetch notifications:', e) + if (e.status === 401 || e.status === 403) { + this.stopPolling() + } } }