-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
checkAuth should also commit purgeAuth when an error is catched #159
Comments
No one actually encountered this problem? |
^ Exactly what I've changed when building from this template. Because with the current repo state for e.g. when jwt token expires and your API starts sending you 401 (Unauthorized) - your front-end stays on the same page, rather than committing a purgAuth commit and pushing you to Login page. |
thank guys to pointing out of this bug, I stuck in that 2 days |
vue-realworld-example-app/src/store/auth.module.js
Lines 56 to 69 in e9edd6f
As it currently stands, when the JWT token expires or is invalid the user will be permanently stuck in the isAuthenticated state. You can test it for yourselves by going to https://vue-vuex-realworld.netlify.com/, log in and then delete the token from local storage or alter it a bit and then either go to a new route or refresh the page and see what happens.
I think this is a pretty serious issue.
When the authentication check fails (401), we should also commit the purgeAuth mutation in order to clear the state.
The text was updated successfully, but these errors were encountered: