SSO consent: tighten validate timeout (4s) and watchdog (5s), fall back to cached profile if validate is slow

2026-04-21 13:37:41 +00:00 · 2026-04-21 09:29:04 -04:00 · 2026-04-21 09:29:04 -04:00 · 9f2f4dfd74
commit 9f2f4dfd74
parent feb357bd9f
1 changed files with 21 additions and 2 deletions
--- a/src/auth.js
+++ b/src/auth.js
@ -1096,9 +1096,28 @@ router.get('/SSO', (req, res) => {
      // Safety watchdog: if anything stalls, stop showing an indefinite spinner.
      const bootTimeout = setTimeout(() => {
        if (loadingEl && loadingEl.style.display !== 'none') {
+          // If we have a cached user profile, use that instead of failing — server
+          // may simply be slow/unreachable for the validate endpoint, but the
+          // profile we'll share is already cached locally.
+          try {
+            const cachedRaw = localStorage.getItem('haven_user');
+            const cached = cachedRaw ? JSON.parse(cachedRaw) : null;
+            if (cached && cached.username) {
+              approvedProfile = {
+                username: cached.username,
+                displayName: cached.displayName || cached.username,
+                profilePicture: cached.avatar || null
+              };
+              document.getElementById('sso-username').textContent = approvedProfile.displayName || approvedProfile.username;
+              document.getElementById('sso-avatar').textContent = cached.avatar ? 'Will be shared' : 'None set';
+              showConsentReady();
+              setDebug('Using cached profile (validate endpoint did not respond in time).', 'ok');
+              return;
+            }
+          } catch {}
          showNotLoggedIn('SSO check timed out. Try refreshing this page or logging in again.');
        }
-      }, 10000);
+      }, 5000);

      let token;
      try {
@ -1121,7 +1140,7 @@ router.get('/SSO', (req, res) => {
      try {
        setDebug('Validating token with this server...');
        const ctrl = new AbortController();
-        const timer = setTimeout(() => ctrl.abort(), 7000);
+        const timer = setTimeout(() => ctrl.abort(), 4000);
        const verifyRes = await fetch('/api/auth/validate', {
          headers: { 'Authorization': 'Bearer ' + token },
          signal: ctrl.signal