Skip to content

Fix error when authProvider check methods are not async #10890

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
slax57 merged 3 commits into from
Aug 21, 2025
Merged

Fix error when authProvider check methods are not async #10890

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
ba4103e
Fix error when authPRovider.checkError os not async
fzaninotto Aug 20, 2025
ee2d8e1
Fix useAuthState fails if authPRovider.checkAuth isn't async
fzaninotto Aug 20, 2025
27e9590
Fix useCheckAuth fails when dataProvider.checkAuth is nto async
fzaninotto Aug 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
23 changes: 11 additions & 12 deletions packages/ra-core/src/auth/useAuthState.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,22 +62,21 @@ const useAuthState = <ErrorType = Error>(

const queryResult = useQuery<boolean, any>({
queryKey: ['auth', 'checkAuth', params],
queryFn: ({ signal }) => {
queryFn: async ({ signal }) => {
// The authProvider is optional in react-admin
if (!authProvider) {
return true;
}
return authProvider
.checkAuth({ ...params, signal })
.then(() => true)
.catch(error => {
// This is necessary because react-query requires the error to be defined
if (error != null) {
throw error;
}

throw new Error();
});
try {
await authProvider.checkAuth({ ...params, signal });
return true;
} catch (error) {
// This is necessary because react-query requires the error to be defined
if (error != null) {
throw error;
}
throw new Error();
}
},
retry: false,
...options,
Expand Down
57 changes: 31 additions & 26 deletions packages/ra-core/src/auth/useCheckAuth.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,38 +51,43 @@ export const useCheckAuth = (): CheckAuth => {
`${basename}/${defaultAuthParams.loginUrl}`
);

const checkAuth = useCallback(
(params: any = {}, logoutOnFailure = true, redirectTo = loginUrl) =>
authProvider
? authProvider.checkAuth(params).catch(error => {
if (logoutOnFailure) {
logout(
{},
error && error.redirectTo != null
? error.redirectTo
: redirectTo
);
const shouldSkipNotify =
error && error.message === false;
!shouldSkipNotify &&
notify(
getErrorMessage(
error,
'ra.auth.auth_check_error'
),
{ type: 'error' }
);
}
throw error;
})
: checkAuthWithoutAuthProvider(),
const checkAuth = useCallback<CheckAuth>(
async (
params: any = {},
logoutOnFailure = true,
redirectTo = loginUrl
) => {
// The authProvider is optional in react-admin
if (!authProvider) {
return checkAuthWithoutAuthProvider();
}
try {
return await authProvider.checkAuth(params);
} catch (error: any) {
if (logoutOnFailure) {
logout(
{},
error && error.redirectTo != null
? error.redirectTo
: redirectTo
);
const shouldSkipNotify = error && error.message === false;
!shouldSkipNotify &&
notify(
getErrorMessage(error, 'ra.auth.auth_check_error'),
{ type: 'error' }
);
}
throw error;
}
},
[authProvider, logout, notify, loginUrl]
);

return checkAuth;
};

const checkAuthWithoutAuthProvider = () => Promise.resolve();
const checkAuthWithoutAuthProvider = async () => undefined;

/**
* Check if the current user is authenticated by calling authProvider.checkAuth().
Expand Down
113 changes: 56 additions & 57 deletions packages/ra-core/src/auth/useLogoutIfAccessDenied.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,78 +55,77 @@ const useLogoutIfAccessDenied = (): LogoutIfAccessDenied => {
[navigate]
);

const logoutIfAccessDenied = useCallback(
(error?: any) => {
const logoutIfAccessDenied = useCallback<LogoutIfAccessDenied>(
async (error?: any) => {
if (!authProvider) {
return logoutIfAccessDeniedWithoutProvider();
}
return authProvider
.checkError(error)
.then(() => false)
.catch(async e => {
const logoutUser = e?.logoutUser ?? true;
//manual debounce
if (timer) {
// side effects already triggered in this tick, exit
return true;
}
timer = setTimeout(() => {
timer = undefined;
}, 0);
try {
await authProvider.checkError(error);
return false;
} catch (e: any) {
const logoutUser = e?.logoutUser ?? true;
// manual debounce
if (timer) {
return true; // side effects already triggered in this tick, exit
}
timer = setTimeout(() => {
timer = undefined;
}, 0);

const redirectTo =
e && e.redirectTo != null
? e.redirectTo
: error && error.redirectTo
? error.redirectTo
: undefined;
const redirectTo =
e && e.redirectTo != null
? e.redirectTo
: error && error.redirectTo
? error.redirectTo
: undefined;

const shouldNotify = !(
(e && e.message === false) ||
(error && error.message === false) ||
redirectTo?.startsWith('http')
);
if (shouldNotify) {
const shouldNotify = !(
(e && e.message === false) ||
(error && error.message === false) ||
redirectTo?.startsWith('http')
);
if (shouldNotify) {
try {
// notify only if not yet logged out
authProvider
.checkAuth({})
.then(() => {
if (logoutUser) {
notify(
getErrorMessage(
e,
'ra.notification.logged_out'
),
{ type: 'error' }
);
} else {
notify(
getErrorMessage(
e,
'ra.notification.not_authorized'
),
{ type: 'error' }
);
}
})
.catch(() => {});
await authProvider.checkAuth({});
if (logoutUser) {
notify(
getErrorMessage(
e,
'ra.notification.logged_out'
),
{ type: 'error' }
);
} else {
notify(
getErrorMessage(
e,
'ra.notification.not_authorized'
),
{ type: 'error' }
);
}
} catch {
// ignore
}
}

if (logoutUser) {
logout({}, redirectTo);
} else if (redirectTo) {
handleRedirect(redirectTo);
}
if (logoutUser) {
logout({}, redirectTo);
} else if (redirectTo) {
handleRedirect(redirectTo);
}

return true;
});
return true;
}
},
[authProvider, logout, notify, handleRedirect]
);
return logoutIfAccessDenied;
};

const logoutIfAccessDeniedWithoutProvider = () => Promise.resolve(false);
const logoutIfAccessDeniedWithoutProvider = async () => false;

/**
* Call the authProvider.authError() method, using the error passed as argument.
Expand Down
Loading