web: models and cookies invalidation

[dinhlongviolin1]

Describe Your Changes

• Invalidate cache for tools capabilites
• Invalidate expired cookies

Fixes Issues

• Closes bug: cookie and local storage invalidation for chat.jan.ai jan-server#181

Self Checklist

• Added relevant comments, esp in complex areas
• Updated docs (for bug fixes / features)
• Created issues for follow-up changes or refactoring needed

---

Important

Invalidate cache for Jan model capabilities and expired cookies in provider.ts and service.ts.

• Model Cache Invalidation:
  • Added validateJanModelsLocalStorage() in provider.ts to clear localStorage if Jan model capabilities mismatch.
  • Uses JAN_MODEL_CAPABILITIES constant for capability checks.
• Cookie Invalidation:
  • In service.ts, added token refresh logic in initialize() to handle expired sessions by logging out and clearing auth state.
  • Calls refreshToken() and handles failures by invoking logoutUser() and clearAuthState().
• Misc:
  • Updated get() and list() in provider.ts to use JAN_MODEL_CAPABILITIES for model capabilities.

^{This description was created by for fbd85f6. You can customize this summary. It will automatically update as commits are pushed.}

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to fbd85f6 in 1 minute and 46 seconds. Click for details.

• Reviewed 120 lines of code in 2 files
• Skipped 0 files when reviewing.
• Skipped posting 4 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. extensions-web/src/jan-provider-web/provider.ts:62

• Draft comment:
  Consider using a robust deep equality check instead of comparing JSON.stringify outputs for capabilities (e.g. using Array.every or a utility) to handle cases where order might vary.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 20% vs. threshold = 50% The comment makes a valid technical point - JSON.stringify can fail to match equivalent arrays if elements are in different orders. The suggested fix using Array.every is a more robust solution. However, looking at the codebase, JAN_MODEL_CAPABILITIES is a const array with a single element ['tools'], so order doesn't actually matter in this specific case. The current code will work fine for the current use case. While technically correct, the suggested change adds complexity without providing real benefit given that JAN_MODEL_CAPABILITIES is a single-element const array. The current code is simpler and works reliably for this specific case. The comment suggests a more robust general solution, but for this specific implementation with a single-element const array, the current approach is actually cleaner and perfectly adequate. Delete the comment since it suggests additional complexity that isn't needed given the specific implementation details. The current code is appropriate for this use case.

2. extensions-web/src/jan-provider-web/provider.ts:84

• Draft comment:
  Forcing a page reload with window.location.reload() might interrupt the user experience. Consider a more graceful state refresh mechanism.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% The reload is intentional here as a safety measure when model capabilities are invalid. A page reload ensures all state is truly clean and no stale data remains in memory. This is a rare error case, not normal operation. Alternative state refresh mechanisms could be complex and potentially leave stale state. A page reload is disruptive to users. There could be unsaved work or ongoing operations that would be lost. This is an error recovery mechanism for invalid model data - a rare case where we need absolute certainty that all state is clean. The tradeoff of potential disruption is acceptable given the severity and rarity. The page reload is an appropriate solution for this specific error case. The comment should be removed as the current implementation is intentional and justified.

3. extensions-web/src/shared/auth/service.ts:52

• Draft comment:
  Refreshing the token on initialization is a good security measure. Ensure that any refresh failures (e.g., network issues vs. expired token) are handled appropriately.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is informative and suggests ensuring proper handling of token refresh failures. However, it does not provide a specific code suggestion or ask for a specific test to be written. It also indirectly asks the author to ensure behavior, which violates the rules.

4. extensions-web/src/shared/auth/service.ts:51

• Draft comment:
  Typographical note: The comment "Ensure refreshtoken is valid" might be clearer as "Ensure refresh token is valid" to match common terminology and the camelCase name of the function.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 10% vs. threshold = 50% While technically correct that "refresh token" is more standard terminology, this is an extremely minor comment about documentation formatting that doesn't impact functionality. The meaning is still clear either way. Comments about pure documentation/formatting should generally be handled in less formal ways. The comment is technically accurate and the suggestion would improve consistency with standard terminology. However, this is an extremely minor documentation issue that doesn't warrant a formal PR comment. Such minor documentation tweaks can be handled through direct communication or during code review. Delete this comment as it's too minor of a documentation issue to warrant a formal PR comment.

Workflow ID: wflow_XzxihKbPvB7y95uL

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[jjchen01]

LGTM

[locnguyen1986]

lgtm