open source is social v-it.org
Fix checkSession to recognize valid refresh tokens
checkSession() only checked access token expiry (~15 min), causing
vit login to force re-login even when a valid refresh token existed.
Now recognizes sessions as valid when a refresh token is present,
since restoreAgent() will auto-refresh expired access tokens.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
+7
-3
+7
-3
src/lib/oauth.js
+7
-3
src/lib/oauth.js
···
65
65
try {
66
66
const raw = readFileSync(configPath('session.json'), 'utf-8');
67
67
const data = JSON.parse(raw);
68
-
const expiresAt = data[did]?.tokenSet?.expires_at;
69
-
if (!expiresAt) return null;
70
-
return new Date(expiresAt) > new Date() ? did : null;
68
+
const tokenSet = data[did]?.tokenSet;
69
+
if (!tokenSet) return null;
70
+
// Session is valid if access token is fresh OR a refresh token exists
71
+
// (the library will auto-refresh expired access tokens on restore)
72
+
const accessValid = tokenSet.expires_at && new Date(tokenSet.expires_at) > new Date();
73
+
if (accessValid || tokenSet.refresh_token) return did;
74
+
return null;
71
75
} catch {
72
76
return null;
73
77
}