Ensure all token refreshes use the Controller

nuxt-community / auth-module

Zero-boilerplate authentication support for Nuxt 2

https://auth.nuxtjs.org

MIT License

1.93k stars 924 forks source link

Ensure all token refreshes use the Controller #1739

Open Carl-Foster opened 2 years ago

Carl-Foster commented 2 years ago

The issue was found when an expired token was used in a client-side navigation to a page with multiple axios requests. Each request would send out a refresh request first. In our case, if would cause multiple new tokens to be created while only the last would be allowed. This then could cause a race condition which would log the user out.

The fix implemented is to simply use the pre-existing RefreshController to ensure that only one refresh request is sent.

sadeghi-aa commented 2 years ago

Any update on this? It would be really good if this fix gets merged.