From 3cf3cd4edbcc500b3b54c96ff0fbc116686fb842 Mon Sep 17 00:00:00 2001
From: poignatov <poignatov@avito.ru>
Date: Mon, 12 Jan 2026 17:05:19 +0300
Subject: [PATCH] fix(auth): improve token refresh with better logging and
 error handling

- Add detailed logging for token refresh process
- Increase refresh timeout from 5s to 10s
- Log response body on refresh failure for diagnostics
- Verify tokens are present in refresh response
- Improve authFetch logging during retry

Version: 3.9.4
---
 VERSION                                       |  2 +-
 play-life-web/package.json                    |  2 +-
 .../src/components/auth/AuthContext.jsx       | 32 +++++++++++++++++--
 3 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/VERSION b/VERSION
index 820476a..e0d61b5 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-3.9.3
+3.9.4
diff --git a/play-life-web/package.json b/play-life-web/package.json
index dd7aaff..311a0ff 100644
--- a/play-life-web/package.json
+++ b/play-life-web/package.json
@@ -1,6 +1,6 @@
 {
   "name": "play-life-web",
-  "version": "3.9.2",
+  "version": "3.9.4",
   "type": "module",
   "scripts": {
     "dev": "vite",
diff --git a/play-life-web/src/components/auth/AuthContext.jsx b/play-life-web/src/components/auth/AuthContext.jsx
index e8df97b..82d775f 100644
--- a/play-life-web/src/components/auth/AuthContext.jsx
+++ b/play-life-web/src/components/auth/AuthContext.jsx
@@ -42,12 +42,15 @@ export function AuthProvider({ children }) {
     const refresh = localStorage.getItem(REFRESH_TOKEN_KEY)
     
     if (!refresh) {
+      console.warn('[Auth] No refresh token in localStorage')
       return { success: false, isNetworkError: false }
     }
     
+    console.log('[Auth] Attempting refresh with token:', refresh.substring(0, 10) + '...')
+    
     try {
       const controller = new AbortController()
-      const timeoutId = setTimeout(() => controller.abort(), 5000) // 5 second timeout
+      const timeoutId = setTimeout(() => controller.abort(), 10000) // 10 second timeout (increased)
       
       const response = await fetch('/api/auth/refresh', {
         method: 'POST',
@@ -61,6 +64,15 @@ export function AuthProvider({ children }) {
       clearTimeout(timeoutId)
       
       if (!response.ok) {
+        // Логируем тело ответа для диагностики
+        let errorBody = ''
+        try {
+          errorBody = await response.text()
+        } catch (e) {
+          errorBody = 'Could not read error body'
+        }
+        console.error('[Auth] Refresh failed:', response.status, errorBody)
+        
         // 401 means invalid token (real auth error)
         // Other errors might be temporary (503, 502, etc.)
         const isAuthError = response.status === 401
@@ -69,6 +81,13 @@ export function AuthProvider({ children }) {
       
       const data = await response.json()
       
+      // Проверяем что токены действительно пришли
+      if (!data.access_token || !data.refresh_token) {
+        console.error('[Auth] Refresh response missing tokens:', Object.keys(data))
+        return { success: false, isNetworkError: false }
+      }
+      
+      console.log('[Auth] Refresh successful, saving new tokens')
       localStorage.setItem(TOKEN_KEY, data.access_token)
       localStorage.setItem(REFRESH_TOKEN_KEY, data.refresh_token)
       localStorage.setItem(USER_KEY, JSON.stringify(data.user))
@@ -76,14 +95,14 @@ export function AuthProvider({ children }) {
       
       return { success: true, isNetworkError: false }
     } catch (err) {
+      console.error('[Auth] Refresh error:', err.name, err.message)
       // Network errors should be treated as temporary
       if (err.name === 'AbortError' || 
           (err.name === 'TypeError' && (err.message.includes('fetch') || err.message.includes('Failed to fetch')))) {
-        console.warn('Refresh token network error, keeping session:', err.message)
+        console.warn('[Auth] Refresh token network error, keeping session')
         return { success: false, isNetworkError: true }
       }
       // Other errors might be auth related
-      console.error('Refresh token error:', err)
       return { success: false, isNetworkError: false }
     }
   }, [])
@@ -276,14 +295,20 @@ export function AuthProvider({ children }) {
       
       // If 401, try to refresh token and retry
       if (response.status === 401) {
+        console.log('[Auth] Got 401 for', url, '- attempting token refresh')
         const result = await refreshToken()
         if (result.success) {
+          console.log('[Auth] Token refreshed, retrying request to', url)
           const newToken = localStorage.getItem(TOKEN_KEY)
           headers['Authorization'] = `Bearer ${newToken}`
           response = await fetch(url, { ...options, headers })
+          console.log('[Auth] Retry response status:', response.status)
         } else if (!result.isNetworkError) {
           // Only logout if refresh failed due to auth error (not network error)
+          console.warn('[Auth] Refresh failed with auth error, logging out')
           logout()
+        } else {
+          console.warn('[Auth] Refresh failed with network error, keeping session but request failed')
         }
         // If network error, don't logout - let the caller handle the 401
       }
@@ -292,6 +317,7 @@ export function AuthProvider({ children }) {
     } catch (err) {
       // Network errors should not trigger logout
       // Let the caller handle the error
+      console.error('[Auth] Fetch error for', url, ':', err.message)
       throw err
     }
   }, [refreshToken, logout])