Skip to content

fix(bd-3o8zmz46): evidence-based session expiry handling in hub-client#268

Merged
shikokuchuo merged 3 commits into
mainfrom
bugfix/bd-3o8zmz46-ws-auth-expiry
Jun 10, 2026
Merged

fix(bd-3o8zmz46): evidence-based session expiry handling in hub-client#268
shikokuchuo merged 3 commits into
mainfrom
bugfix/bd-3o8zmz46-ws-auth-expiry

Conversation

@shikokuchuo

@shikokuchuo shikokuchuo commented Jun 10, 2026

Copy link
Copy Markdown
Member

When the Google ID token expired and One Tap renewal was unavailable, the hub 401'd every Automerge WS upgrade while the SPA stayed "logged in" showing a permanent "working offline" banner (bd-3o8zmz46).

  • /auth/me now reports the token's exp so the client schedules refresh from the real expiry (removing the refocus drift bug)
  • new useAuthProbe polls /auth/me while sync is disconnected and escalates on two consecutive 401s (renewal first, then an explicit "session expired" login screen)
  • network errors never clear auth, so genuine offline editing is unaffected

/auth/me now reports the token's exp and the client schedules refresh
from it (removing the refocus drift bug); a new useAuthProbe polls
/auth/me while sync is disconnected (two-strike 401 escalation);
network errors never log the user out; the login screen says when the
session expired.
@shikokuchuo shikokuchuo force-pushed the bugfix/bd-3o8zmz46-ws-auth-expiry branch from ec38d81 to 5b14edd Compare June 10, 2026 13:08
@shikokuchuo shikokuchuo merged commit 076971b into main Jun 10, 2026
4 of 5 checks passed
@shikokuchuo shikokuchuo deleted the bugfix/bd-3o8zmz46-ws-auth-expiry branch June 10, 2026 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant