admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8825a13d1d22ce4998b75ad1aa8e8eb46e29fb1d
goodgo-platform/apps/web/lib/query-client.ts
Ho Ngoc Hai ad8577e2bd
Some checks failed
CI / E2E Tests (push) Has been skipped
Details
CodeQL Analysis / CodeQL (javascript-typescript) (push) Failing after 1m5s
Details
Deploy / Build API Image (push) Failing after 27s
Details
Deploy / Build Web Image (push) Failing after 12s
Details
Deploy / Build AI Services Image (push) Failing after 10s
Details
E2E Tests / Playwright E2E (push) Failing after 16s
Details
Security Scanning / Dependency Audit (pnpm) (push) Failing after 3s
Details
Security Scanning / Trivy Scan — API Image (push) Failing after 57s
Details
Deploy / Deploy to Staging (push) Has been cancelled
Details
Deploy / Rollback Staging (push) Has been cancelled
Details
Deploy / Smoke Test Production (push) Has been cancelled
Details
Deploy / Rollback Production (push) Has been cancelled
Details
CI / Lint → Typecheck → Test → Build (22) (push) Failing after 11s
Details
Deploy / Smoke Test Staging (push) Has been cancelled
Details
Deploy / Deploy to Production (push) Has been cancelled
Details
Security Scanning / Trivy Scan — Web Image (push) Failing after 46s
Details
Security Scanning / Trivy Filesystem Scan (push) Has been cancelled
Details
Security Scanning / Security Gate (push) Has been cancelled
Details
Security Scanning / Trivy Scan — AI Services Image (push) Has been cancelled
Details
fix(web): stop flooding console with 401 ApiError during initial load 
Five compounding problems caused hundreds of "Console ApiError:
Unauthorized" entries on every load of /dashboard (and friends) while
unauthenticated or while the auth cookie was stale:

1. QueryClient had `throwOnError: true` as a blanket default, so every
   401 from any react-query hook propagated to the nearest error
   boundary instead of staying in the query's `error` state. That
   also invited React to re-render and re-fire the boundary multiple
   times per failing query.

2. React Query retried all failures 3 times with exponential backoff,
   so a single 401 became four requests. 401 isn't fixable by retry,
   so this is just noise.

3. Dashboard layout rendered `<NotificationBell />` unconditionally,
   which polled /notifications/unread-count on mount even when no user
   was signed in → 401 on every mount.

4. Dashboard + Admin layouts had no redirect-to-login guard, so
   protected queries (market-report, heatmap, admin/dashboard, …) all
   mounted and fired against the API before the user ever saw the
   login screen.

5. Admin layout waited on `user` but had no way to distinguish "store
   still initialising" from "user genuinely absent" — so an expired
   cookie left the page stuck on a spinner while the same 401 storm
   played out in the background.

Fixes
- query-client.ts: `throwOnError` and `retry` are now predicates. Only
  5xx / network errors bubble to boundaries and are retried; 4xx
  (auth, validation, not-found) stay in query error state so the
  component can render an empty/auth placeholder.
- auth-store.ts: new `isInitialized` flag set in a finally block at
  the end of `initialize()`. Downstream guards use it to distinguish
  "still booting" from "definitely logged out".
- (dashboard)/layout.tsx: redirects to /login?next=<path> once
  initialised and unauthenticated, and renders a lightweight loading
  screen in the meantime so child queries never mount.
- (admin)/layout.tsx: same guard. Non-ADMIN logged-in users still
  bounce to /dashboard.
- notification-bell.tsx: short-circuits `fetchUnreadCount` when
  `isAuthenticated` is false.

Verified in dev: visiting /vi/dashboard unauthenticated now redirects
to /login?redirect=/dashboard with zero console errors and no
/analytics/… calls to the backend.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-19 09:41:35 +07:00

66 lines
1.9 KiB
TypeScript
Raw Blame History

'use client';
import { QueryClient } from '@tanstack/react-query';
import { ApiError } from './api-client';
/**
* 401/403 errors are expected (logged-out users hit protected endpoints during
* initial render or token expiry) and should stay in the query's error state —
* components can show a "please sign in" placeholder. Do NOT propagate them to
* the error boundary, which would unmount the whole dashboard and spam the
* console.
*
* 404 means the backend simply has no data for the query — also non-fatal, let
* the component render an empty state.
*
* Anything else (network errors, 5xx, validation) is a real problem and should
* bubble up to the error boundary.
*/
function shouldBubbleToBoundary(error: unknown): boolean {
if (error instanceof ApiError) {
return error.status !== 401 && error.status !== 403 && error.status !== 404;
}
return true;
}
/**
* Retry only when it's likely transient (network / 5xx). Don't retry 4xx auth
* or validation failures — they won't fix themselves.
*/
function shouldRetry(failureCount: number, error: unknown): boolean {
if (error instanceof ApiError) {
if (error.status >= 400 && error.status < 500) return false;
}
return failureCount < 3;
}
function makeQueryClient() {
return new QueryClient({
defaultOptions: {
queries: {
staleTime: 60 * 1000,
gcTime: 5 * 60 * 1000,
retry: shouldRetry,
retryDelay: (attemptIndex) => Math.min(1000 * 2 ** attemptIndex, 30000),
refetchOnWindowFocus: false,
throwOnError: shouldBubbleToBoundary,
},
mutations: {
retry: 1,
},
},
});
}
let browserQueryClient: QueryClient | undefined;
export function getQueryClient() {
if (typeof window === 'undefined') {
return makeQueryClient();
}
if (!browserQueryClient) {
browserQueryClient = makeQueryClient();
}
return browserQueryClient;
}
Reference in New Issue View Git Blame Copy Permalink