fix: Redirect user to login if session is terminated

If a session timed out or was closed in another tab,
then currently the user gets random error messages.
This intercepts 401 responses (should only happen if logged out, or the
users does something wrong).

If we get a 401, we make sure its because of the session,
by checking if the user can access the files app.
If that is also the case we forward the user to the login page
and set the redirect URL to the last used URL.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

Author: susnux

core/src/utils/xhr-request.js

@@ -3,7 +3,8 @@
  * SPDX-License-Identifier: AGPL-3.0-or-later
  */
 
-import { getRootUrl } from '@nextcloud/router'
+import { getCurrentUser } from '@nextcloud/auth'
+import { generateUrl, getRootUrl } from '@nextcloud/router'
 
 /**
  *
@@ -26,6 +27,45 @@ const isNextcloudUrl = (url) => {
 		|| (isRelativeUrl(url) && url.startsWith(getRootUrl()))
 }
 
+
+/**
+ * Check if a user was logged in but is now logged-out.
+ * If this is the case then the user will be forwarded to the login page.
+ * @returns {Promise<void>}
+ */
+async function checkLoginStatus() {
+	// skip if no logged in user
+	if (getCurrentUser() === null) {
+		return
+	}
+
+	// skip if already running
+	if (checkLoginStatus.running === true) {
+		return
+	}
+
+	// only run one request in parallel
+	checkLoginStatus.running = true
+
+	try {
+		// We need to check this as a 401 in the first place could also come from other reasons
+		const { status } = await window.fetch(generateUrl('/apps/files'))
+		if (status === 401) {
+			console.warn('User session was terminated, forwarding to login page.')
+			window.location = generateUrl(
+				'/login?redirect_url={redirect}',
+				{
+					redirect: window.location.pathname + window.location.search,
+				},
+			)
+		}
+	} catch (error) {
+		console.warn('Could not check login-state')
+	} finally {
+		delete checkLoginStatus.running
+	}
+}
+
 /**
  * Intercept XMLHttpRequest and fetch API calls to add X-Requested-With header
  *
@@ -42,10 +82,10 @@ export const interceptRequests = () => {
 	})(XMLHttpRequest.prototype.open)
 
 	window.fetch = (function(fetch) {
-		return (resource, options) => {
+		return async (resource, options) => {
 			// fetch allows the `input` to be either a Request object or any stringifyable value
 			if (!isNextcloudUrl(resource.url ?? resource.toString())) {
-				return fetch(resource, options)
+				return await fetch(resource, options)
 			}
 			if (!options) {
 				options = {}
@@ -60,7 +100,11 @@ export const interceptRequests = () => {
 				options.headers['X-Requested-With'] = 'XMLHttpRequest'
 			}
 
-			return fetch(resource, options)
+			const response = await fetch(resource, options)
+			if (response.status === 401) {
+				checkLoginStatus()
+			}
+			return response
 		}
 	})(window.fetch)
 }