wordpress-mobile / WordPress-Android

WordPress for Android
http://android.wordpress.org
GNU General Public License v2.0

Auth: Detect and handle a revoked auth token. #7772

Open aerych opened 6 years ago

aerych commented 6 years ago

If a wpcom/Jetpack user visits https://wordpress.com/me/security/connected-applications they can opt to disconnect the mobile apps. This invalidates their bearer token and any subsequent request to the wpcom REST API requiring authentication will fail.

Investigate how to detect this scenario and, when detected, log the user out of wpcom (showing the welcome screen if necessary).

aerych commented 6 years ago

It looks like when relaunching the app I'm being prompted to provide my password to re-auth, but there is a prompt for each of my blogs. It should ideally be just one.

It would also be nice to not have to close and relaunch the app to detect the invalid token.

aforcier commented 6 years ago

Related: Currently FluxC will float up an INVALID_TOKEN error (which triggers the re-auth screen in WPAndroid), but it should actually flush the token too. Issue for that: https://github.com/wordpress-mobile/WordPress-FluxC-Android/issues/462
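The behaviour requested in the comments above (flush the stored token on the first invalid-token failure and prompt the user once rather than once per blog), as an added Kotlin example that is not part of the thread and is not code from WordPress-Android or FluxC. `ApiResponse`, `TokenStore`, `RevocationHandler` and the `invalid_token` error string are hypothetical names assumed for illustration.

```kotlin
import java.util.concurrent.atomic.AtomicBoolean

// Hypothetical types for illustration; none of these are FluxC or WPAndroid APIs.
data class ApiResponse(val siteId: Long, val errorCode: String?)

interface TokenStore {
    fun token(): String?
    fun clear()
}

class InMemoryTokenStore(private var value: String?) : TokenStore {
    @Synchronized override fun token(): String? = value
    @Synchronized override fun clear() { value = null }
}

class RevocationHandler(
    private val store: TokenStore,
    private val onSignedOut: () -> Unit // e.g. show the welcome screen
) {
    // Guards the sign-out so concurrent per-blog failures trigger it only once.
    private val handled = AtomicBoolean(false)

    /** Returns true if the response reports a revoked or invalid token. */
    fun inspect(response: ApiResponse): Boolean {
        // Assumption: a revoked bearer token surfaces as this error code.
        if (response.errorCode != "invalid_token") return false
        if (handled.compareAndSet(false, true)) {
            store.clear()   // flush the dead token so it is never replayed
            onSignedOut()   // single prompt, regardless of how many blogs failed
        }
        return true
    }

    /** Call once a successful re-authentication has stored a new token. */
    fun reset() = handled.set(false)
}

fun main() {
    val store = InMemoryTokenStore("constructed-sample-token")
    var prompts = 0
    val handler = RevocationHandler(store) { prompts++ }
    // Constructed responses: three blogs fail after revocation, one unrelated success.
    val responses = List(3) { ApiResponse(it + 1L, "invalid_token") } + ApiResponse(4L, null)
    responses.forEach { handler.inspect(it) }
    println("prompts=$prompts tokenPresent=${store.token() != null}")
}
```

Running `inspect` on every authenticated response, rather than only at launch, also covers the request above to detect the invalid token without relaunching the app.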

stale[bot] commented 4 years ago

This issue has been marked as stale because:

Please comment with an update if you believe this issue is still valid or if it can be closed. This issue will also be reviewed for validity and priority (cc @designsimply).

designsimply commented 4 years ago

Still valid. Next step will be to re-test after https://github.com/wordpress-mobile/WordPress-FluxC-Android/issues/462 is resolved and decide what, if any, further steps are needed.

jd-alexander commented 4 years ago

@designsimply I had merged a fix for this. Do we still want to do a retest before closing this issue? Let me know 😄