fix(auth): force invalidate invalid session cookies in middleware (#1358)

* fix(auth): invalidate session cookies in middleware * fix(auth): set path for invalid cookie
2025-07-23 08:49:13 +00:00 · 2024-01-20 20:10:26 +01:00 · 2024-01-20 20:10:26 +01:00 · f488c88f1b
commit f488c88f1b
parent eb626de683
4 changed files with 62 additions and 34 deletions
--- a/web/src/api/APIClient.ts
+++ b/web/src/api/APIClient.ts
@ -89,10 +89,18 @@ export async function HttpClient<T = unknown>(
  case 401: {
    // Remove auth info from localStorage
    AuthContext.reset();
-  }

    // Show an error toast to notify the user what occurred
-    return Promise.reject(new Error(`[401] Unauthorized: "${endpoint}"`));
+    // return Promise.reject(new Error(`[401] Unauthorized: "${endpoint}"`));
+    return Promise.reject(response);
+  }
+  case 403: {
+    // Remove auth info from localStorage
+    AuthContext.reset();
+
+    // Show an error toast to notify the user what occurred
+    return Promise.reject(response);
+  }
  case 404: {
    return Promise.reject(new Error(`[404] Not found: "${endpoint}"`));
  }
@ -105,6 +113,10 @@ export async function HttpClient<T = unknown>(
    }
    break;
  }
+  case 503: {
+    // Show an error toast to notify the user what occurred
+    return Promise.reject(new Error(`[503] Service unavailable: "${endpoint}"`));
+  }
  default:
    break;
  }