Permalink
Browse files

fix(authentication): prevent logout if there is no identity

BREAKING CHANGE: authentication failures on 401 now return the response in the rejection.
  • Loading branch information...
RWOverdijk committed Jun 8, 2017
1 parent cd3c42b commit aea4ac861e50ea6d4f428b95c1f493e80a79e118
Showing with 4 additions and 0 deletions.
  1. +4 −0 src/fetchClientConfig.js
@@ -52,6 +52,10 @@ export class FetchConfig {
if (response.status !== 401) {
return resolve(response);
}
// when we get a 401 and are not logged in, there's not much to do except reject the request
if (!this.authService.authenticated) {
return reject(response);
}
// logout when server invalidated the authorization token but the token itself is still valid
if (this.config.httpInterceptor && this.config.logoutOnInvalidtoken && !this.authService.isTokenExpired()) {
return reject(this.authService.logout());

0 comments on commit aea4ac8

Please sign in to comment.