CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-13 21:01:21 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Fix "Invalid API key" bug with reload hack

Browse Source
This commit is contained in:
Stan Wohlwend 2024-03-04 16:06:53 +01:00
parent 7236186d92
commit f93858900f
2 changed files with 21 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/stack-server/src/app/api/v1/api-keys/route.tsx
View File

@ -65,7 +65,7 @@ export const POST = smartRouteHandler(async (req: NextRequest) => {
} = await parseRequest(req, postSchema);
if (!await checkApiKeySet(projectId, { superSecretAdminKey }) && !await isProjectAdmin(projectId, adminAccessToken)) {
throw new StatusError(StatusError.Forbidden);
throw new StatusError(StatusError.Forbidden, "Invalid API key");
}
const created = await createApiKeySet(

28
packages/stack-shared/src/interface/clientInterface.ts
View File

@ -21,7 +21,7 @@ import { parseJson } from '../utils/json';
import { AsyncCache, AsyncValueCache } from '../utils/caches';
import { typedAssign } from '../utils/objects';
import { AsyncStore } from '../utils/stores';
import { runAsynchronously } from '../utils/promises';
import { neverResolve, runAsynchronously } from '../utils/promises';
export type UserCustomizableJson = {
readonly projectId: string,
@ -252,13 +252,25 @@ export class StackClientInterface {
refreshToken: null,
});
return await Result.orThrowAsync(
Result.retry(
() => this.sendClientRequestInner(path, requestOptions, tokenStore!),
5,
{ exponentialDelayBase: 1000 },
)
);
try {
return await Result.orThrowAsync(
Result.retry(
() => this.sendClientRequestInner(path, requestOptions, tokenStore!),
5,
{ exponentialDelayBase: 1000 },
)
);
} catch (error: any) {
// TODO this is a hack. Occurs when the admin access token is invalid, or expired. Has plenty of weird side effects so we should replace this
if ("internalAdminAccessToken" in this.options && error?.message?.includes?.("Invalid API key") && typeof window !== "undefined") {
alert("Your session has expired. The page will now reload." + (process.env.NODE_ENV == "development" ? "\n\nThis is a hack and we should probably fix this at some point." : ""));
window.location.reload();
await neverResolve();
}
throw error;
}
}
protected async sendClientRequestAndCatchKnownError<E>(