Two things can cause "unauthorized" errors unnecessarily in the system. This one addresses the symptom of expired sessions due to our deployment on Cloud Run (and the resulting invalid CSRF tokens) to reduce the frequency of these errors.
Acceptance Criteria
When and unauthorized error occurs and the the session cookie containing the CSRF token does not exist or has expired:
[ ] Make a call to the CSRF cookie establishing service to reestablish the session cookie and...
[ ] Store the updated CSRF token in local state
This should result in a lost session not generating unauthorized errors in response to service calls made from the front end.
@mkimberlin can assist with an approach to testing this.
Two things can cause "unauthorized" errors unnecessarily in the system. This one addresses the symptom of expired sessions due to our deployment on Cloud Run (and the resulting invalid CSRF tokens) to reduce the frequency of these errors.
Acceptance Criteria
This should result in a lost session not generating unauthorized errors in response to service calls made from the front end.
@mkimberlin can assist with an approach to testing this.