diff --git a/dashboard/frontend/src/App.svelte b/dashboard/frontend/src/App.svelte index 68c18d0..95e2b20 100644 --- a/dashboard/frontend/src/App.svelte +++ b/dashboard/frontend/src/App.svelte @@ -121,14 +121,12 @@ // Proxy auth not available, fall through to regular auth } - // Regular token auth check - if (!getToken()) { - const refreshed = await tryRefreshSession(); - if (!refreshed) { - loading = false; - authorized = false; - return; - } + // Regular token auth check — always try refresh to get fresh cookies + const refreshed = await tryRefreshSession(); + if (!refreshed && !getToken()) { + loading = false; + authorized = false; + return; } try { diff --git a/dashboard/frontend/src/routes/Terminal.svelte b/dashboard/frontend/src/routes/Terminal.svelte index c40a5a5..851dbbf 100644 --- a/dashboard/frontend/src/routes/Terminal.svelte +++ b/dashboard/frontend/src/routes/Terminal.svelte @@ -266,18 +266,14 @@ } async function connect(forceRefresh = false) { - // Always refresh token before first connection to ensure fresh cookies let d = tabData.get(tabId); - const isFirstConnect = !d?.hasConnectedOnce; - if (forceRefresh || isFirstConnect) { + if (forceRefresh) { const refreshed = await tryRefreshSession(); if (!refreshed) { handleAuthExpired(); return null; } - // Mark that we've connected once with fresh token - if (d) d.hasConnectedOnce = true; } const ws = new WebSocket(