fixed login loop

This commit is contained in:
2026-01-10 19:23:47 +00:00
parent bef80c5bab
commit 6619269840
17 changed files with 5740 additions and 28 deletions
+43 -28
View File
@@ -194,6 +194,8 @@
const authed = await ensureAuth();
if (!authed) return;
const GRAPH_TOKEN_KEY = 'graphAccessToken';
// Initialize TokenManager for robust token handling
tokenManager = new TokenManager(pb);
await tokenManager.init();
@@ -254,15 +256,25 @@
if(userEmailEl && currentUserEmail) userEmailEl.textContent = currentUserEmail;
// Ensure Graph token is present via TokenManager
// Ensure Graph token is present via TokenManager (non-blocking).
// If missing, let the backend fall back to its env token instead of forcing a re-auth redirect.
async function ensureGraphToken(){
const token = await tokenManager.getToken();
if (token) return token;
// Only redirect if truly invalid (not just missing)
console.warn('[ensureGraphToken] No token available');
window.location.href = 'signin.html?reauth=1';
throw new Error('GRAPH_TOKEN missing');
console.warn('[ensureGraphToken] No Graph token available; proceeding without one');
return null;
}
// Attempt a graceful refresh of the Graph token without forcing logout
async function refreshGraphToken(){
if (!tokenManager) return null;
try {
const refreshed = await tokenManager.refreshToken();
if (refreshed) return refreshed;
} catch (err) {
console.warn('[refreshGraphToken] Refresh failed', err);
}
return null;
}
if (signOutBtn) {
@@ -915,8 +927,13 @@
if (!link || fileCache.has(link)) return; // Skip if no link or already cached
try {
const graphToken = await ensureGraphToken();
const headers = graphToken ? { 'x-graph-token': graphToken } : {};
// Best-effort preload: only run when we already have a Graph token to avoid reauth popups
const graphToken = await tokenManager.getToken();
if (!graphToken) {
console.warn('[preloadJobFiles] Skipping preload: missing Graph token');
return;
}
const headers = { 'x-graph-token': graphToken };
const controller = new AbortController();
const timeout = setTimeout(() => controller.abort(), 15000);
@@ -1367,7 +1384,7 @@
let resp = await fetch(`/api/job-files?link=${encodeURIComponent(link)}`, { headers, signal: controller.signal });
clearTimeout(timeout);
// If unauthorized, try to refresh Graph token once, then retry
// If unauthorized, try to refresh Graph token once, then retry (no redirects)
if (resp.status === 401) {
const refreshed = await refreshGraphToken();
if (refreshed) {
@@ -1379,8 +1396,17 @@
}
}
if (resp.status === 401) throw new Error('AUTH_EXPIRED');
if (resp.status === 500) throw new Error('GRAPH_TOKEN missing or expired');
// If still unauthorized or server missing token, prefer stale cache or open-in-new-tab without forcing reauth
if (resp.status === 401 || resp.status === 500) {
const cachedAgain = fileCache.get(link);
if (cachedAgain) {
fileListState.items = cachedAgain.items;
iframeLoader.classList.add('hidden');
renderFileGroups(link);
return;
}
throw new Error('AUTH_OR_GRAPH_TOKEN');
}
if (!resp.ok) throw new Error(`File list failed: ${resp.status}`);
const data = await resp.json();
const rootDriveId = data.driveId || '';
@@ -1397,13 +1423,13 @@
renderFileGroups(link);
} catch (err) {
console.error('job-files error', err);
const authExpired = err?.message === 'AUTH_EXPIRED' || String(err || '').includes('401');
const authExpired = err?.message === 'AUTH_OR_GRAPH_TOKEN' || String(err || '').includes('401');
const timedOut = err?.name === 'AbortError';
const friendly = authExpired
? 'Your Microsoft Graph session expired. Click Re-authenticate to sign in again.'
: timedOut
? 'Request timed out. If this keeps happening, re-authenticate and retry.'
: (err?.message || 'Unknown error');
const friendly = timedOut
? 'Request timed out. If this keeps happening, open the folder directly.'
: authExpired
? 'Access token unavailable. Open the folder directly while keeping your prior sign-in.'
: (err?.message || 'Unknown error');
iframeLoader.classList.remove('hidden');
iframeLoader.innerHTML = `
<div class="text-center max-w-md mx-auto px-4 space-y-3">
@@ -1411,20 +1437,9 @@
<div class="text-gray-600 text-sm">${friendly}</div>
<div class="flex items-center justify-center gap-2 flex-wrap">
<a href="${link}" target="_blank" rel="noopener" class="px-4 py-2 bg-blue-600 text-white rounded-lg hover:bg-blue-700 inline-block">Open folder instead</a>
<button id="reauthBtn" class="px-4 py-2 bg-gray-200 hover:bg-gray-300 rounded-lg text-sm text-gray-800">Re-authenticate</button>
</div>
</div>
`;
const reauthBtn = document.getElementById('reauthBtn');
if (reauthBtn) {
reauthBtn.addEventListener('click', () => {
try { pb?.authStore?.clear?.(); } catch {}
try { localStorage.removeItem(GRAPH_TOKEN_KEY); } catch {}
try { localStorage.removeItem('pocketbase_auth'); } catch {}
try { sessionStorage.clear(); } catch {}
window.location.href = 'signin.html';
});
}
}
}