Merge branch 'auth-fixes' into 'develop'

Auth fixes, fixes #636 Closes #636 See merge request soapbox-pub/soapbox-fe!493
2021-05-08 03:56:48 +00:00 · 2021-05-08 03:56:48 +00:00 · aa575b1010
commit aa575b1010
--- a/app/soapbox/actions/auth.js
+++ b/app/soapbox/actions/auth.js
@ -2,7 +2,7 @@ import api, { baseClient } from '../api';
 import { importFetchedAccount } from './importer';
 import snackbar from 'soapbox/actions/snackbar';
 import { createAccount } from 'soapbox/actions/accounts';
-import { fetchMeSuccess } from 'soapbox/actions/me';
+import { fetchMeSuccess, fetchMeFail } from 'soapbox/actions/me';

 export const SWITCH_ACCOUNT = 'SWITCH_ACCOUNT';

@ -136,14 +136,16 @@ export function otpVerify(code, mfa_token) {

 export function verifyCredentials(token) {
  return (dispatch, getState) => {
+    const me = getState().get('me');
    dispatch({ type: VERIFY_CREDENTIALS_REQUEST });

    return baseClient(token).get('/api/v1/accounts/verify_credentials').then(({ data: account }) => {
      dispatch(importFetchedAccount(account));
      dispatch({ type: VERIFY_CREDENTIALS_SUCCESS, token, account });
-      if (account.id === getState().get('me')) dispatch(fetchMeSuccess(account));
+      if (account.id === me) dispatch(fetchMeSuccess(account));
      return account;
    }).catch(error => {
+      if (me === null) dispatch(fetchMeFail(error));
      dispatch({ type: VERIFY_CREDENTIALS_FAIL, token, error });
    });
  };
--- a/app/soapbox/reducers/tests/auth-test.js
+++ b/app/soapbox/reducers/tests/auth-test.js
@ -179,7 +179,7 @@ describe('auth reducer', () => {
  });

  describe('VERIFY_CREDENTIALS_FAIL', () => {
-    it('should delete the failed token', () => {
+    it('should delete the failed token if it 403\'d', () => {
      const state = fromJS({
        tokens: {
          'ABCDEFG': { token_type: 'Bearer', access_token: 'ABCDEFG' },
@ -191,7 +191,12 @@ describe('auth reducer', () => {
        'HIJKLMN': { token_type: 'Bearer', access_token: 'HIJKLMN' },
      });

-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
      const result = reducer(state, action);
      expect(result.get('tokens')).toEqual(expected);
    });
@ -208,7 +213,12 @@ describe('auth reducer', () => {
        '5678': { id: '5678', access_token: 'HIJKLMN' },
      });

-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
      const result = reducer(state, action);
      expect(result.get('users')).toEqual(expected);
    });
@ -222,7 +232,12 @@ describe('auth reducer', () => {
        },
      });

-      const action = { type: VERIFY_CREDENTIALS_FAIL, token: 'ABCDEFG' };
+      const action = {
+        type: VERIFY_CREDENTIALS_FAIL,
+        token: 'ABCDEFG',
+        error: { response: { status: 403 } },
+      };
+
      const result = reducer(state, action);
      expect(result.get('me')).toEqual('5678');
    });
--- a/app/soapbox/reducers/auth.js
+++ b/app/soapbox/reducers/auth.js
@ -155,7 +155,7 @@ const reducer = (state, action) => {
  case VERIFY_CREDENTIALS_SUCCESS:
    return importCredentials(state, action.token, action.account);
  case VERIFY_CREDENTIALS_FAIL:
-    return deleteToken(state, action.token);
+    return action.error.response.status === 403 ? deleteToken(state, action.token) : state;
  case SWITCH_ACCOUNT:
    return state.set('me', action.accountId);
  default: