logo out issues fixes

2025-12-15 16:08:47 +00:00
parent 25f1c32366
commit 5366cc1805
14 changed files with 2327 additions and 51 deletions
--- a/frontend/src/services/api.ts
+++ b/frontend/src/services/api.ts
@@ -195,6 +195,27 @@ export async function fetchAPI(endpoint: string, options?: RequestInit & { timeo
          // Don't logout for permission errors or plan issues
          const authState = useAuthStore.getState();
          if (authState?.isAuthenticated || authState?.token) {
+            const logoutReasonData = {
+              code: 'AUTH_CREDENTIALS_MISSING',
+              message: errorMessage,
+              path: window.location.pathname,
+              context: { 
+                errorData,
+                hasToken: !!authState?.token,
+                isAuthenticated: authState?.isAuthenticated 
+              },
+              timestamp: new Date().toISOString(),
+              source: 'api_403_auth_error'
+            };
+            console.error('🚨 LOGOUT TRIGGERED - Authentication Credentials Missing:', logoutReasonData);
+            
+            // Store logout reason before logout
+            try {
+              localStorage.setItem('logout_reason', JSON.stringify(logoutReasonData));
+            } catch (e) {
+              console.warn('Failed to store logout reason:', e);
+            }
+            
            console.warn('Authentication credentials missing - forcing logout');
            const { logout } = useAuthStore.getState();
            logout();
@@ -244,6 +265,50 @@ export async function fetchAPI(endpoint: string, options?: RequestInit & { timeo

    // Handle 401 Unauthorized - try to refresh token
    if (response.status === 401) {
+      // Parse error to check for logout reason from backend
+      let logoutReason = null;
+      try {
+        const errorData = text ? JSON.parse(text) : null;
+        if (errorData?.logout_reason) {
+          logoutReason = {
+            code: errorData.logout_reason,
+            message: errorData.logout_message || errorData.error,
+            path: errorData.logout_path || window.location.pathname,
+            context: errorData.logout_context || {},
+            timestamp: new Date().toISOString(),
+            source: 'backend_middleware'
+          };
+          console.error('🚨 BACKEND FORCED LOGOUT:', logoutReason);
+          
+          // CRITICAL: Store logout reason IMMEDIATELY
+          try {
+            localStorage.setItem('logout_reason', JSON.stringify(logoutReason));
+            console.error('✅ Stored backend logout reason');
+          } catch (e) {
+            console.error('❌ Failed to store logout reason:', e);
+          }
+          
+          // If backend explicitly logged us out (session contamination, etc),
+          // DON'T try to refresh - respect the forced logout
+          console.error('⛔ Backend forced logout - not attempting token refresh');
+          const { logout } = useAuthStore.getState();
+          logout();
+          
+          // Throw error to stop request processing
+          let err: any = new Error(errorData.error || 'Session ended');
+          err.status = 401;
+          err.data = errorData;
+          throw err;
+        }
+      } catch (e) {
+        // If we just threw the error above, re-throw it
+        if (e instanceof Error && (e as any).status === 401) {
+          throw e;
+        }
+        console.warn('Failed to parse logout reason from 401 response:', e);
+      }
+
+      // No explicit logout reason from backend, try token refresh
      const refreshToken = getRefreshToken();
      if (refreshToken) {
        try {
@@ -318,12 +383,49 @@ export async function fetchAPI(endpoint: string, options?: RequestInit & { timeo
          }
        } catch (refreshError) {
          // Refresh failed, clear auth state and force re-login
+          const logoutReasonData = {
+            code: 'TOKEN_REFRESH_FAILED',
+            message: 'Token refresh failed - session expired',
+            path: window.location.pathname,
+            context: { 
+              error: refreshError instanceof Error ? refreshError.message : String(refreshError),
+              endpoint,
+            },
+            timestamp: new Date().toISOString(),
+            source: 'token_refresh_failure'
+          };
+          console.error('🚨 LOGOUT TRIGGERED - Token Refresh Failed:', logoutReasonData);
+          
+          // Store logout reason before logout
+          try {
+            localStorage.setItem('logout_reason', JSON.stringify(logoutReasonData));
+          } catch (e) {
+            console.warn('Failed to store logout reason:', e);
+          }
+          
          const { logout } = useAuthStore.getState();
          logout();
          throw refreshError;
        }
      } else {
        // No refresh token available, clear auth state
+        const logoutReasonData = {
+          code: 'NO_REFRESH_TOKEN',
+          message: 'No refresh token available - please login again',
+          path: window.location.pathname,
+          context: { endpoint },
+          timestamp: new Date().toISOString(),
+          source: 'missing_refresh_token'
+        };
+        console.error('🚨 LOGOUT TRIGGERED - No Refresh Token:', logoutReasonData);
+        
+        // Store logout reason before logout
+        try {
+          localStorage.setItem('logout_reason', JSON.stringify(logoutReasonData));
+        } catch (e) {
+          console.warn('Failed to store logout reason:', e);
+        }
+        
        const { logout } = useAuthStore.getState();
        logout();
      }