From e607f8c5992d18b99ce651337b96d1d847100e08 Mon Sep 17 00:00:00 2001
From: Julian Krauser <jkrauser209@gmail.com>
Date: Fri, 25 Apr 2025 12:22:04 +0200
Subject: [PATCH] fix: false positive auth true by existing expired jwt

---
 src/router/authGuard.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/router/authGuard.ts b/src/router/authGuard.ts
index d7e5be2..c19bc72 100644
--- a/src/router/authGuard.ts
+++ b/src/router/authGuard.ts
@@ -55,6 +55,7 @@ export async function isAuthenticatedPromise(forceRefresh: boolean = false): Pro
       // check jwt expiry
       const exp = decoded.exp ?? 0;
       const correctedLocalTime = new Date().getTime();
+      let failedRefresh = false;
       if (exp < Math.floor(correctedLocalTime / 1000) || forceRefresh) {
         await refreshToken()
           .then(() => {
@@ -63,10 +64,13 @@ export async function isAuthenticatedPromise(forceRefresh: boolean = false): Pro
           .catch((err: string) => {
             console.log("expired");
             auth.setFailed();
+            failedRefresh = true;
             reject(err);
           });
       }
 
+      if (failedRefresh) return;
+
       var { userId, firstname, lastname, mail, username, permissions, isOwner } = decoded;
 
       if (Object.keys(permissions ?? {}).length === 0 && !isOwner) {