Merge branch 'fix/logout-when-unauthenticated' into 4.7.8-dev

2026-04-14 19:56:32 +00:00 · 2025-07-02 15:09:49 -05:00 · 2025-07-02 15:09:49 -05:00 · a94d9437f3
commit a94d9437f3
parent 28fc07d364 55132e0c57
2 changed files with 34 additions and 15 deletions
--- a/Habitica/src/main/java/com/habitrpg/android/habitica/data/implementation/ApiClientImpl.kt
+++ b/Habitica/src/main/java/com/habitrpg/android/habitica/data/implementation/ApiClientImpl.kt
@ -56,6 +56,7 @@ import okhttp3.Cache
 import okhttp3.OkHttpClient
 import okhttp3.Request
 import okhttp3.logging.HttpLoggingInterceptor
+import org.json.JSONObject
 import retrofit2.Converter
 import retrofit2.HttpException
 import retrofit2.Retrofit
@ -158,12 +159,33 @@ class ApiClientImpl(
                            when (response.code) {
                                401 -> {
                                    val path = response.request.url.encodedPath
-                                    if (!path.contains("user/auth/update-password")) {
-                                        // token has been revoked/rotated elsewhere
-                                        HabiticaBaseApplication.logout(context)
+                                    if (!path.contains("/user/auth/update-password")) {
+                                        val bodyStr = try {
+                                            response.peekBody(1024).string()
+                                        } catch (_: Exception) {
+                                            ""
+                                        }
+
+                                        val (errField, msgField) = try {
+                                            val obj = JSONObject(bodyStr)
+                                            obj.optString("error", "") to obj.optString("message", "")
+                                        } catch (_: Exception) {
+                                            "" to ""
+                                        }
+
+                                        val shouldLogout = errField.equals("missingAuthHeaders", ignoreCase = true)
+                                                || errField.equals("invalidCredentials",   ignoreCase = true)
+                                                || msgField.contains("invalidCredentials",      ignoreCase = true)
+                                                || msgField.contains("Missing authentication headers", ignoreCase = true)
+                                                || msgField.contains("There is no account that uses those credentials", ignoreCase = true)
+
+                                        if (shouldLogout) {
+                                            HabiticaBaseApplication.logout(context)
+                                        }
                                    }
                                    return@addNetworkInterceptor response
                                }
+
                                404 -> {
                                    // The server is returning a 404 error, which means the requested resource was not found.
                                    // In this case - we want to actually cache the response, and handle it in the app
--- a/common/src/main/java/com/habitrpg/common/habitica/models/auth/UserAuthResponse.kt
+++ b/common/src/main/java/com/habitrpg/common/habitica/models/auth/UserAuthResponse.kt
@ -1,15 +1,12 @@
 package com.habitrpg.common.habitica.models.auth

-class UserAuthResponse {
-    // we need apiToken and token, as both are possible returns
-    var apiToken: String = ""
-    var token: String
-        get() {
-            return apiToken
-        }
-        set(value) {
-            apiToken = value
-        }
-    var newUser = false
-    var id: String = ""
+data class UserAuthResponse(
+    val apiToken: String = "",
+    val id:       String = "",
+    val newUser:  Boolean = false
+) {
+
+    val token: String
+        get() = apiToken
 }
+