api.js: logout on invalid token refresh

assets/js/dashboard.js

@@ -5,7 +5,6 @@
 // SPDX-License-Identifier: MIT
 
 import './lib/sortable.js'
-import { logout } from './lib/common.js'
 import './lib/challengeVoteBtn.js'
 import './lib/writeupVoteBtn.js'
 import Modal from './vendor/bootstrap/modal.js'
@@ -149,7 +148,7 @@ window.addEventListener('load', () => {
 
   document.getElementById('delete-confirm').addEventListener('click', () => {
     modal.hide()
-    HackropoleApi.deleteUserData().then(() => logout()).catch(() => {
+    HackropoleApi.deleteUserData().then(() => HackropoleApi.logout()).catch(() => {
       const toast = new Toast(document.getElementById('toast-api-error'))
       toast.show()
     })

assets/js/lib/api.js

@@ -1,4 +1,5 @@
 'use strict'
+/* eslint-env browser */
 
 // Copyright (C) 2023-2024  ANSSI
 // SPDX-License-Identifier: MIT
@@ -30,7 +31,7 @@ export default class HackropoleApi {
       body: JSON.stringify(params)
     })
     if (!response.ok) {
-      throw Error('autorize failed')
+      throw Error('authorize failed')
     }
 
     const data = await response.json()
@@ -59,10 +60,30 @@ export default class HackropoleApi {
     window.localStorage.setItem('auth', JSON.stringify(data))
   }
 
+  /**
+   * Empty all local storage, except theme
+   *
+   * This function never returns as it refreshes the window.
+   */
+  static logout () {
+    // Backup and restore theme in localStorage
+    let theme
+    if ('theme' in window.localStorage) {
+      theme = window.localStorage.getItem('theme')
+    }
+    window.localStorage.clear()
+    if (theme) {
+      window.localStorage.setItem('theme', theme)
+    }
+    window.location.reload()
+  }
+
   /**
    * Call API to refresh the access token
    *
    * This occurs when the access token is expired.
+   * This function may never return as it refreshes the window if unable to
+   * refresh the token.
    */
   static async refresh () {
     const auth = JSON.parse(window.localStorage.getItem('auth'))
@@ -72,7 +93,9 @@ export default class HackropoleApi {
       body: JSON.stringify(auth)
     })
     if (!response.ok) {
-      throw Error('login failed')
+      // Refresh failed, which means we should disconnect the user
+      alert('Authentication has expired, please try again after logging in.')
+      this.logout()
     }
 
     const data = await response.json()
@@ -143,7 +166,7 @@ export default class HackropoleApi {
   }
 
   /**
-   * Call API to vote/unvote a challenge.
+   * Call API to toggle a vote on a challenge.
    * @param {String} challenge - Challenge identifier, e.g. "fcsc2019-crypto-2tp"
    * @returns {Promise<String[]>} List of currently voted challenges
    */
@@ -155,7 +178,7 @@ export default class HackropoleApi {
   }
 
   /**
-   * Call API to vote/unvote a writeup.
+   * Call API to toggle a vote on a writeup.
    * @param {String} solution - Write-up UUID
    * @returns {Promise<String[]>} List of currently voted write-ups
    */

assets/js/lib/common.js

@@ -13,21 +13,6 @@ import Toast from '../vendor/bootstrap/toast.js'
  */
 export const STORAGE_VERSION = '1'
 
-/**
- * Empty all local storage except theme, then reload
- */
-export function logout () {
-  let theme
-  if ('theme' in window.localStorage) {
-    theme = window.localStorage.getItem('theme')
-  }
-  window.localStorage.clear()
-  if (theme) {
-    window.localStorage.setItem('theme', theme)
-  }
-  window.location.reload()
-}
-
 /**
  * Fill login dropdown using providers from session storage
  */
@@ -67,7 +52,7 @@ async function queryLogin (redirectUri) {
 
 document.getElementById('btn-logout').addEventListener('click', (e) => {
   e.preventDefault()
-  logout()
+  HackropoleApi.logout()
 })
 
 const redirectUri = document.getElementById('menu-login').dataset.redirectUri
@@ -85,7 +70,7 @@ if (sessionStorage.getItem('providers_redirect_uri') === redirectUri) {
 }
 
 if (HackropoleApi.isLogged() && localStorage.getItem('version') !== STORAGE_VERSION) {
-  logout()
+  HackropoleApi.logout()
 }
 
 // Update menu status