messy logout fixing

2025-12-15 12:01:41 +00:00
parent 06e5f252a4
commit 4fb3a144d7
27 changed files with 4396 additions and 95 deletions
--- a/LOGOUT-DEBUGGING-QUICK-REF.md
+++ b/LOGOUT-DEBUGGING-QUICK-REF.md
@@ -0,0 +1,206 @@
+# Logout Debugging - Quick Reference
+
+## 🚀 Quick Deploy
+
+```bash
+cd /data/app/igny8
+./scripts/deploy-logout-debugging.sh
+```
+
+## 🔍 What to Watch
+
+### Console Logs (Every 30 seconds)
+```
+[TokenMonitor] ℹ️ Access token: 45 minutes until expiry
+[TokenMonitor] ℹ️ Refresh token: 19 days, 12 hours until expiry
+```
+
+### When Logout Happens
+```
+[LogoutTracker] 🚨 Logout triggered
+[LogoutTracker] Type: TOKEN_EXPIRED
+[LogoutTracker] Message: [Exact reason]
+[LogoutTracker] Idle time: 23 minutes
+```
+
+## 🛠️ Debug Tools
+
+### Debug Panel
+- **Open:** Press `Ctrl+Shift+D` or click 🔍 button
+- **Shows:** Auth status, token expiry, recent logouts
+- **Action:** "Log Full State to Console" button
+
+### Browser Console Commands
+```javascript
+// Get token status
+window.__tokenMonitor.getTokenStatus()
+
+// Get logout history
+JSON.parse(localStorage.getItem('logout_history') || '[]')
+
+// Get last logout reason
+sessionStorage.getItem('last_logout_reason')
+
+// Check auth state
+JSON.parse(localStorage.getItem('auth-storage'))
+```
+
+### Backend Logs
+```bash
+# Watch for logout events
+docker logs -f igny8-backend | grep "LOGOUT EVENT"
+
+# Check all auth activity
+docker logs igny8-backend | grep -E "LOGOUT|TOKEN|AUTH"
+```
+
+## 📊 What Data Tells Us
+
+### If `Type: TOKEN_EXPIRED`
+- Token actually expired OR
+- Code incorrectly checking expiry
+- **Check:** Token status in logs - was it really expired?
+
+### If `Type: REFRESH_FAILED`
+- Refresh endpoint returned 401
+- RefreshToken model rejecting valid token OR
+- Backend bug
+- **Check:** Backend logs for refresh endpoint errors
+
+### If `Type: AUTH_ERROR`
+- 403/402 error triggered logout (shouldn't happen)
+- Error classification bug in api-new.ts
+- **Check:** Network tab for failed API calls before logout
+
+### If `Type: UNKNOWN`
+- JavaScript error OR
+- Browser extension OR
+- Multi-tab coordination issue
+- **Check:** Console for JS errors, test in incognito
+
+## ⏱️ Expected Timeline
+
+### With Remember Me = True:
+```
+T+0:     Login → Access: 60min, Refresh: 20d
+T+60min: Auto-refresh → Access: 60min, Refresh: ~19d 23h
+T+120min: Auto-refresh → Access: 60min, Refresh: ~19d 22h
+...continues until refresh token expires after 20 days...
+T+20d:   Logout → Type: REFRESH_FAILED
+```
+
+### Bug Scenario (What We're Debugging):
+```
+T+0:     Login → Access: 60min, Refresh: 20d
+T+25min: 🚨 LOGOUT → Access: 35min left, Refresh: 19d 23h left
+         ^ This is the bug! Tokens still valid but logout occurred
+```
+
+## 🎯 Critical Data Points
+
+When logout happens, capture:
+
+1. **Type:** USER_ACTION | TOKEN_EXPIRED | REFRESH_FAILED | AUTH_ERROR | UNKNOWN
+2. **Idle Minutes:** How long user was inactive
+3. **Access Token Status:** Time remaining (from TokenMonitor logs)
+4. **Refresh Token Status:** Time remaining (from TokenMonitor logs)
+5. **Location:** Which page user was on
+6. **Last API Call:** Check Network tab
+7. **Console Errors:** Any JavaScript errors
+8. **Backend Logs:** What backend received
+
+## 📍 Where to Find Data
+
+| Data Point | Location |
+|------------|----------|
+| Token status logs | Browser Console (every 30s) |
+| Logout event details | Browser Console (when logout) |
+| Visual alert | Modal overlay (3 sec before redirect) |
+| Logout reason | Signin page banner |
+| Backend logs | `docker logs igny8-backend` |
+| Logout history | Debug Panel (Ctrl+Shift+D) |
+| Full state | Debug Panel → "Log Full State" |
+
+## 🔧 Common Issues
+
+### No console logs?
+```javascript
+// Check if monitor started
+window.__tokenMonitor
+// Should return: TokenExpiryMonitor { ... }
+```
+
+### No alert before logout?
+```javascript
+// Check if tracker loaded
+localStorage.getItem('logout_history')
+// Should return: JSON array
+```
+
+### Backend not receiving events?
+```bash
+# Test endpoint
+curl -X POST http://localhost:8000/api/v1/auth/logout-event/ \
+  -H "Content-Type: application/json" \
+  -d '{"type":"TEST","message":"test"}'
+```
+
+### No banner on signin page?
+```javascript
+// Check if reason stored
+sessionStorage.getItem('last_logout_reason')
+// Should return: JSON object after logout
+```
+
+## 📝 Test Procedure
+
+1. **Login** with "Remember me for 20 days" checked
+2. **Open** Browser DevTools (F12) → Console tab
+3. **Verify** Token monitor logs every 30 seconds
+4. **Wait** 25+ minutes (can minimize, but keep tab open)
+5. **Watch** for logout event in console
+6. **Capture** all data:
+   - Console screenshot
+   - Network tab screenshot
+   - Backend logs: `docker logs igny8-backend | tail -50`
+7. **Check** signin page for logout banner
+8. **Analyze** collected data to identify root cause
+
+## 📞 Support Data Export
+
+If issue persists, export:
+
+```javascript
+// 1. Token status
+copy(JSON.stringify(window.__tokenMonitor.getTokenStatus(), null, 2))
+
+// 2. Logout history
+copy(localStorage.getItem('logout_history'))
+
+// 3. Last logout reason
+copy(sessionStorage.getItem('last_logout_reason'))
+
+// 4. Full auth state
+copy(localStorage.getItem('auth-storage'))
+```
+
+```bash
+# 5. Backend logs
+docker logs igny8-backend > backend-logs.txt
+```
+
+## 🎉 Success Criteria
+
+After identifying root cause and fixing:
+
+- [x] User logs in with remember_me=true
+- [x] User can idle for 25+ minutes without logout
+- [x] Access token auto-refreshes after 1 hour
+- [x] Logout only occurs at 20 days (refresh token expiry)
+- [x] Console logs confirm: "Access: 35min, Refresh: 19d 23h" at T+25min
+- [x] No unexpected logout events in history
+
+---
+
+**Full Documentation:** See `LOGOUT-DEBUGGING-COMPLETE-SUMMARY.md`
+**Deployment Guide:** See `LOGOUT-DEBUGGING-DEPLOYMENT.md`