Merge branch 'auth-fixes' into 'develop'

Auth fixes, fixes #636

Closes #636

See merge request soapbox-pub/soapbox-fe!493

app/soapbox/actions/auth.js

@@ -2,7 +2,7 @@ import api, { baseClient } from '../api';
 import { importFetchedAccount } from './importer';
 import snackbar from 'soapbox/actions/snackbar';
 import { createAccount } from 'soapbox/actions/accounts';
-import { fetchMeSuccess } from 'soapbox/actions/me';
+import { fetchMeSuccess, fetchMeFail } from 'soapbox/actions/me';
 
 export const SWITCH_ACCOUNT = 'SWITCH_ACCOUNT';
 
@@ -136,14 +136,16 @@ export function otpVerify(code, mfa_token) {
 
 export function verifyCredentials(token) {
   return (dispatch, getState) => {
+    const me = getState().get('me');
     dispatch({ type: VERIFY_CREDENTIALS_REQUEST });
 
     return baseClient(token).get('/api/v1/accounts/verify_credentials').then(({ data: account }) => {
       dispatch(importFetchedAccount(account));
       dispatch({ type: VERIFY_CREDENTIALS_SUCCESS, token, account });
-      if (account.id === getState().get('me')) dispatch(fetchMeSuccess(account));
+      if (account.id === me) dispatch(fetchMeSuccess(account));
       return account;
     }).catch(error => {
+      if (me === null) dispatch(fetchMeFail(error));
       dispatch({ type: VERIFY_CREDENTIALS_FAIL, token, error });
     });
   };

app/soapbox/reducers/__tests__/auth-test.js

@@ -179,7 +179,7 @@ describe('auth reducer', () => {
   });
 
   describe('VERIFY_CREDENTIALS_FAIL', () => {
-    it('should delete the failed token', () => {
+    it('should delete the failed token if it 403\'d', () => {
       const state = fromJS({
         tokens: {
           'ABCDEFG': { token_type: 'Bearer', access_token: 'ABCDEFG' },
@@ -191,7 +191,12 @@ describe('auth reducer', () => {
         'HIJKLMN': { token_type: 'Bearer', access_token: 'HIJKLMN' },
       });
 
-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
       const result = reducer(state, action);
       expect(result.get('tokens')).toEqual(expected);
     });
@@ -208,7 +213,12 @@ describe('auth reducer', () => {
         '5678': { id: '5678', access_token: 'HIJKLMN' },
       });
 
-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
       const result = reducer(state, action);
       expect(result.get('users')).toEqual(expected);
     });
@@ -222,7 +232,12 @@ describe('auth reducer', () => {
         },
       });
 
-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
       const result = reducer(state, action);
       expect(result.get('me')).toEqual('5678');
     });

app/soapbox/reducers/auth.js

@@ -155,7 +155,7 @@ const reducer = (state, action) => {
   case VERIFY_CREDENTIALS_SUCCESS:
     return importCredentials(state, action.token, action.account);
   case VERIFY_CREDENTIALS_FAIL:
-    return deleteToken(state, action.token);
+    return action.error.response.status === 403 ? deleteToken(state, action.token) : state;
   case SWITCH_ACCOUNT:
     return state.set('me', action.accountId);
   default: