diff --git a/frontend/src/components/Modals/Password/index.jsx b/frontend/src/components/Modals/Password/index.jsx
index 00fefe4edaee5946a45a0cb7a130aa772540c746..d31b80fdf727d33bd20e8421c8c667af0214a4a3 100644
--- a/frontend/src/components/Modals/Password/index.jsx
+++ b/frontend/src/components/Modals/Password/index.jsx
@@ -34,7 +34,7 @@ export default function PasswordModal({ mode = "single" }) {
);
}
-export function usePasswordModal() {
+export function usePasswordModal(notry = false) {
const [auth, setAuth] = useState({
loading: true,
requiresAuth: false,
@@ -47,7 +47,7 @@ export function usePasswordModal() {
// If the last validity check is still valid
// we can skip the loading.
- if (!System.needsAuthCheck()) {
+ if (!System.needsAuthCheck() && notry === false) {
setAuth({
loading: false,
requiresAuth: false,
@@ -60,7 +60,7 @@ export function usePasswordModal() {
if (settings?.MultiUserMode) {
const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
- const valid = await System.checkAuth(currentToken);
+ const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
@@ -102,7 +102,7 @@ export function usePasswordModal() {
const currentToken = window.localStorage.getItem(AUTH_TOKEN);
if (!!currentToken) {
- const valid = await System.checkAuth(currentToken);
+ const valid = notry ? false : await System.checkAuth(currentToken);
if (!valid) {
setAuth({
loading: false,
@@ -110,6 +110,8 @@ export function usePasswordModal() {
mode: "single",
});
window.localStorage.removeItem(AUTH_TOKEN);
+ window.localStorage.removeItem(AUTH_USER);
+ window.localStorage.removeItem(AUTH_TIMESTAMP);
return;
} else {
setAuth({
diff --git a/frontend/src/components/PrivateRoute/index.jsx b/frontend/src/components/PrivateRoute/index.jsx
index 165141bbb3a67de6333db69b614107a7803cbf24..1b4c71fbd940380de8b3e1fd4b216be4c2b0ad61 100644
--- a/frontend/src/components/PrivateRoute/index.jsx
+++ b/frontend/src/components/PrivateRoute/index.jsx
@@ -136,6 +136,6 @@ export default function PrivateRoute({ Component }) {
<Component />
</UserMenu>
) : (
- <Navigate to={paths.login()} />
+ <Navigate to={paths.login(true)} />
);
}
diff --git a/frontend/src/pages/Login/index.jsx b/frontend/src/pages/Login/index.jsx
index cf8ab249300fe2fdc4fa3eabe161714677bcf0ed..4e77a5c6624d34972a4b04b6f3a680e5f45b389e 100644
--- a/frontend/src/pages/Login/index.jsx
+++ b/frontend/src/pages/Login/index.jsx
@@ -3,9 +3,11 @@ import PasswordModal, { usePasswordModal } from "@/components/Modals/Password";
import { FullScreenLoader } from "@/components/Preloader";
import { Navigate } from "react-router-dom";
import paths from "@/utils/paths";
+import useQuery from "@/hooks/useQuery";
export default function Login() {
- const { loading, requiresAuth, mode } = usePasswordModal();
+ const query = useQuery();
+ const { loading, requiresAuth, mode } = usePasswordModal(!!query.get("nt"));
if (loading) return <FullScreenLoader />;
if (requiresAuth === false) return <Navigate to={paths.home()} />;
diff --git a/frontend/src/utils/paths.js b/frontend/src/utils/paths.js
index 0f42e2237a67248854b99fd9532bd63bbff92ec9..5625fafb9067f41118b6319512a164ef01fb035c 100644
--- a/frontend/src/utils/paths.js
+++ b/frontend/src/utils/paths.js
@@ -4,8 +4,8 @@ export default {
home: () => {
return "/";
},
- login: () => {
- return "/login";
+ login: (noTry = false) => {
+ return `/login${noTry ? "?nt=1" : ""}`;
},
onboarding: {
home: () => {
diff --git a/server/utils/middleware/validatedRequest.js b/server/utils/middleware/validatedRequest.js
index 6f3df26dabbf22fe5f64026ac9354a9169e960e6..551090a07ae6fe30f4c9a565a968c567b72961d9 100644
--- a/server/utils/middleware/validatedRequest.js
+++ b/server/utils/middleware/validatedRequest.js
@@ -38,9 +38,17 @@ async function validatedRequest(request, response, next) {
const bcrypt = require("bcrypt");
const { p } = decodeJWT(token);
+
+ if (p === null) {
+ response.status(401).json({
+ error: "Token expired or failed validation.",
+ });
+ return;
+ }
+
if (!bcrypt.compareSync(p, bcrypt.hashSync(process.env.AUTH_TOKEN, 10))) {
response.status(401).json({
- error: "Invalid auth token found.",
+ error: "Invalid auth credentials.",
});
return;
}