If two separate sessions are logged in as the same user, and one of them then logs out, the portal errors out for the other user.
This happens because logging out removes a shared row for the user from the authtoken.tokenstore, and the TokenRefreshFilter depends on the row being present in the database as long as there is a valid session for the user.
Actions:
Disable the call that removes the token from the DB during logout.
Add check for token row in TokenRefreshFilter, and just act as if the token has expired and cannot be refreshed in case it's missing.
If two separate sessions are logged in as the same user, and one of them then logs out, the portal errors out for the other user.
This happens because logging out removes a shared row for the user from the
authtoken.tokenstore, and the TokenRefreshFilter depends on the row being present in the database as long as there is a valid session for the user.Actions:
Disable the call that removes the token from the DB during logout.
Add check for token row in TokenRefreshFilter, and just act as if the token has expired and cannot be refreshed in case it's missing.