From 0c45efc0caa5a5b84a1317ee6d055e60806a830b Mon Sep 17 00:00:00 2001 From: "Gan, Jimmy" Date: Fri, 20 Mar 2026 00:21:25 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20terminal=20auth=20=E2=80=94=20skip=20pre?= =?UTF-8?q?-emptive=20refresh,=20always=20refresh=20on=20app=20load=20for?= =?UTF-8?q?=20fresh=20cookies?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- dashboard/frontend/src/App.svelte | 14 ++++++-------- dashboard/frontend/src/routes/Terminal.svelte | 6 +----- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/dashboard/frontend/src/App.svelte b/dashboard/frontend/src/App.svelte index 68c18d0..95e2b20 100644 --- a/dashboard/frontend/src/App.svelte +++ b/dashboard/frontend/src/App.svelte @@ -121,14 +121,12 @@ // Proxy auth not available, fall through to regular auth } - // Regular token auth check - if (!getToken()) { - const refreshed = await tryRefreshSession(); - if (!refreshed) { - loading = false; - authorized = false; - return; - } + // Regular token auth check — always try refresh to get fresh cookies + const refreshed = await tryRefreshSession(); + if (!refreshed && !getToken()) { + loading = false; + authorized = false; + return; } try { diff --git a/dashboard/frontend/src/routes/Terminal.svelte b/dashboard/frontend/src/routes/Terminal.svelte index c40a5a5..851dbbf 100644 --- a/dashboard/frontend/src/routes/Terminal.svelte +++ b/dashboard/frontend/src/routes/Terminal.svelte @@ -266,18 +266,14 @@ } async function connect(forceRefresh = false) { - // Always refresh token before first connection to ensure fresh cookies let d = tabData.get(tabId); - const isFirstConnect = !d?.hasConnectedOnce; - if (forceRefresh || isFirstConnect) { + if (forceRefresh) { const refreshed = await tryRefreshSession(); if (!refreshed) { handleAuthExpired(); return null; } - // Mark that we've connected once with fresh token - if (d) d.hasConnectedOnce = true; } const ws = new WebSocket(