-
Steven authored
When no token exists in sessionStorage, AuthContext.initialize() was still calling GetCurrentUser, triggering the auth interceptor to attempt RefreshToken and retry — producing a burst of 5+ auth API calls in under a second that reverse proxies with rate limiting (e.g. CrowdSec) flag as brute force. Add hasStoredToken() to auth-state and bail out of initialize() early when there is definitively no session to restore. The refresh flow for expired tokens is preserved since hasStoredToken() checks for presence regardless of expiry. Fixes #5647
4aaebc50
| Name |
Last commit
|
Last update |
|---|---|---|
| .github | ||
| cmd/memos | ||
| internal | ||
| plugin | ||
| proto | ||
| scripts | ||
| server | ||
| store | ||
| web | ||
| .dockerignore | ||
| .gitignore | ||
| .golangci.yaml | ||
| AGENTS.md | ||
| CODEOWNERS | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| go.mod | ||
| go.sum |