feat: enhance session handling in useSession and auth-fetch

- Introduced fetchSession function to streamline session fetching logic. - Updated useSession to handle 401 errors by refreshing the session when necessary. - Modified getDesktopAccessToken to accept options for forced token refresh, improving desktop authentication flow.
2026-06-26 21:39:43 +02:00 · 2026-06-26 21:25:00 +05:30 · 2026-06-26 21:25:00 +05:30 · 013fae6eba
commit 013fae6eba
parent 23c128dd0d
2 changed files with 24 additions and 7 deletions
--- a/surfsense_web/hooks/use-session.ts
+++ b/surfsense_web/hooks/use-session.ts
@ -1,6 +1,7 @@
 "use client";

 import { useCallback, useEffect, useState } from "react";
+import { refreshSession } from "@/lib/auth-utils";
 import { buildBackendUrl } from "@/lib/env-config";

 type SessionState =
@ -17,6 +18,13 @@ async function getSessionHeaders(): Promise<HeadersInit> {
 	return token ? { Authorization: `Bearer ${token}` } : {};
 }

+async function fetchSession(): Promise<Response> {
+	return fetch(buildBackendUrl("/auth/session"), {
+		credentials: "include",
+		headers: await getSessionHeaders(),
+	});
+}
+
 export function useSession() {
 	const [state, setState] = useState<SessionState>({
 		status: "loading",
@ -26,10 +34,13 @@ export function useSession() {

 	const refresh = useCallback(async () => {
 		try {
-			const response = await fetch(buildBackendUrl("/auth/session"), {
-				credentials: "include",
-				headers: await getSessionHeaders(),
-			});
+			let response = await fetchSession();
+			if (response.status === 401) {
+				const refreshed = await refreshSession();
+				if (refreshed) {
+					response = await fetchSession();
+				}
+			}
 			if (!response.ok) {
 				setState({
 					status: "unauthenticated",
--- a/surfsense_web/lib/auth-fetch.ts
+++ b/surfsense_web/lib/auth-fetch.ts
@ -3,6 +3,10 @@ import { handleUnauthorized, isDesktopClient, refreshSession } from "@/lib/auth-
 let desktopAccessToken: string | null = null;
 let didSubscribeToDesktopAuth = false;

+type DesktopAccessTokenOptions = {
+	forceRefresh?: boolean;
+};
+
 function subscribeToDesktopAuth(): void {
 	if (didSubscribeToDesktopAuth || typeof window === "undefined" || !window.electronAPI) {
 		return;
@ -17,10 +21,12 @@ function subscribeToDesktopAuth(): void {
 	});
 }

-export async function getDesktopAccessToken(): Promise<string | null> {
+export async function getDesktopAccessToken(
+	options: DesktopAccessTokenOptions = {}
+): Promise<string | null> {
 	if (!isDesktopClient()) return null;
 	subscribeToDesktopAuth();
-	if (desktopAccessToken) return desktopAccessToken;
+	if (desktopAccessToken && !options.forceRefresh) return desktopAccessToken;
 	const token = (await window.electronAPI?.getAccessToken?.()) || null;
 	desktopAccessToken = token;
 	return token;
@ -55,7 +61,7 @@ export async function authenticatedFetch(
 		if (!skipRefresh) {
 			const refreshed = await refreshSession();
 			if (refreshed) {
-				const newToken = await getDesktopAccessToken();
+				const newToken = await getDesktopAccessToken({ forceRefresh: true });
 				return fetch(url, {
 					...fetchOptions,
 					headers: {