Commit 5d32e74
fix: improve auth session sync reliability (#24)
* fix: improve auth session sync reliability
- Add configurable JWT validation leeway (default 60s) to handle clock
drift between Clerk servers and the backend
- Catch ExpiredTokenError alongside InvalidClaimError/MissingClaimError
to prevent crashes on expired tokens
- Rewrite ClerkSessionSynchronizer JS for reliability:
- Use useRef to deduplicate rapid calls while remaining reconnect-safe
- Request fresh tokens with skipCache to avoid near-expiry cached tokens
- Handle token retrieval failures gracefully (clear session instead of hang)
- Include all dependencies in useEffect array ([isLoaded, isSignedIn, addEvents, getToken])
- Add unit tests for expired token handling and JS code correctness
- Add pythonpath config for pytest to find custom_components
* fix: address review on auth session sync PR
JS dedupe + retry fixes (Copilot review):
- Only update lastSentRef after a confirmed dispatch so a failed token fetch
doesn't poison the dedupe and block later retries.
- Add inFlightRef to prevent overlapping getToken calls when the effect
re-fires before the in-flight promise resolves.
- Retry getToken once after a 500ms delay before clearing the backend
session, so transient token-fetch failures don't force a backend logout
while Clerk is still signed in.
- On final failure, leave lastSentRef unchanged so the next trigger
(reconnect, sign-in toggle) re-attempts the sync.
Test typecheck fixes:
- pyright ignore for the `_reflex_internal_init` Reflex internal init flag.
- pyright ignore for accessing `.fn` on the wrapped EventCallback.
Co-Authored-By: Paul Johnson <paul.johnson@snaplabs.ai>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix: address Copilot race-condition review on session sync JS
- Drop inFlightRef hard gate. It blocked the !isSignedIn branch, so a
sign-out occurring during an in-flight token fetch would not dispatch
clear_clerk_session and the backend session would stay stale until
another trigger arrived.
- Replace it with a requestIdRef counter that's incremented on every
effect run with a new desired state. The in-flight fetch's then/catch
handlers check the captured myRequestId against requestIdRef.current
before dispatching - so a getToken() that resolves after sign-out can
no longer dispatch a stale set_clerk_session.
- Sign-out path now runs unconditionally and immediately.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Paul Johnson <paul.johnson@snaplabs.ai>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent d456dd0 commit 5d32e74
3 files changed
Lines changed: 150 additions & 23 deletions
File tree
- custom_components/reflex_clerk_api
- tests
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
59 | 59 | | |
60 | 60 | | |
61 | 61 | | |
| 62 | + | |
| 63 | + | |
62 | 64 | | |
63 | 65 | | |
64 | 66 | | |
| |||
85 | 87 | | |
86 | 88 | | |
87 | 89 | | |
| 90 | + | |
| 91 | + | |
| 92 | + | |
| 93 | + | |
| 94 | + | |
| 95 | + | |
| 96 | + | |
| 97 | + | |
| 98 | + | |
| 99 | + | |
| 100 | + | |
| 101 | + | |
| 102 | + | |
| 103 | + | |
| 104 | + | |
| 105 | + | |
| 106 | + | |
| 107 | + | |
| 108 | + | |
| 109 | + | |
| 110 | + | |
| 111 | + | |
| 112 | + | |
88 | 113 | | |
89 | 114 | | |
90 | 115 | | |
| |||
116 | 141 | | |
117 | 142 | | |
118 | 143 | | |
119 | | - | |
120 | | - | |
121 | | - | |
| 144 | + | |
| 145 | + | |
| 146 | + | |
| 147 | + | |
| 148 | + | |
| 149 | + | |
| 150 | + | |
122 | 151 | | |
123 | 152 | | |
124 | 153 | | |
| |||
364 | 393 | | |
365 | 394 | | |
366 | 395 | | |
367 | | - | |
| 396 | + | |
368 | 397 | | |
369 | 398 | | |
370 | 399 | | |
| |||
375 | 404 | | |
376 | 405 | | |
377 | 406 | | |
378 | | - | |
379 | | - | |
380 | | - | |
381 | | - | |
382 | | - | |
383 | | - | |
384 | | - | |
385 | | - | |
386 | | - | |
387 | | - | |
388 | | - | |
389 | | - | |
390 | | - | |
391 | | - | |
392 | | - | |
| 407 | + | |
| 408 | + | |
| 409 | + | |
| 410 | + | |
| 411 | + | |
| 412 | + | |
| 413 | + | |
| 414 | + | |
| 415 | + | |
| 416 | + | |
| 417 | + | |
| 418 | + | |
| 419 | + | |
| 420 | + | |
| 421 | + | |
| 422 | + | |
| 423 | + | |
| 424 | + | |
| 425 | + | |
| 426 | + | |
| 427 | + | |
| 428 | + | |
| 429 | + | |
| 430 | + | |
| 431 | + | |
| 432 | + | |
| 433 | + | |
| 434 | + | |
| 435 | + | |
| 436 | + | |
| 437 | + | |
| 438 | + | |
| 439 | + | |
| 440 | + | |
| 441 | + | |
| 442 | + | |
| 443 | + | |
| 444 | + | |
| 445 | + | |
| 446 | + | |
| 447 | + | |
| 448 | + | |
| 449 | + | |
| 450 | + | |
| 451 | + | |
| 452 | + | |
| 453 | + | |
| 454 | + | |
| 455 | + | |
| 456 | + | |
| 457 | + | |
| 458 | + | |
| 459 | + | |
| 460 | + | |
| 461 | + | |
| 462 | + | |
| 463 | + | |
| 464 | + | |
| 465 | + | |
| 466 | + | |
| 467 | + | |
393 | 468 | | |
394 | 469 | | |
395 | | - | |
| 470 | + | |
396 | 471 | | |
397 | | - | |
398 | | - | |
399 | | - | |
| 472 | + | |
| 473 | + | |
400 | 474 | | |
401 | 475 | | |
402 | 476 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
47 | 47 | | |
48 | 48 | | |
49 | 49 | | |
| 50 | + | |
50 | 51 | | |
51 | 52 | | |
52 | 53 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
| 1 | + | |
| 2 | + | |
| 3 | + | |
| 4 | + | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
| 48 | + | |
| 49 | + | |
| 50 | + | |
| 51 | + | |
| 52 | + | |
0 commit comments