fix: resolve critical security and UI session mismatch by clearing React Query cache on login/logout and invalidating on subscription updates
All checks were successful
Deploy to Production / Build and Deploy (push) Successful in 2m24s

This commit is contained in:
2026-06-14 11:15:09 +02:00
parent 136d40c7d8
commit c7506e6aca
6 changed files with 28 additions and 6 deletions

View File

@@ -16,6 +16,7 @@ import { ThemeToggle } from '@/components/ui/theme-toggle';
import { languages } from '@/lib/api';
import { useTranslationStore } from '@/lib/store';
import { cn } from '@/lib/utils';
import { useQueryClient } from '@tanstack/react-query';
/* ── helpers ──────────────────────────────────────────────────── */
const PLAN_ICONS: Record<string, React.ElementType> = {
@@ -90,6 +91,8 @@ export default function ProfilePage() {
const token = typeof window !== 'undefined' ? localStorage.getItem('token') : null;
const authHeaders = { Authorization: `Bearer ${token}` };
const queryClient = useQueryClient();
const fetchData = useCallback(async () => {
if (!token) { router.push('/auth/login?redirect=/dashboard/profile'); return; }
try {
@@ -97,10 +100,15 @@ export default function ProfilePage() {
fetch(`${API_BASE}/api/v1/auth/me`, { headers: authHeaders }),
fetch(`${API_BASE}/api/v1/auth/usage`, { headers: authHeaders }),
]);
if (meRes.ok) { const j = await meRes.json(); setUser(j.data ?? j); }
if (meRes.ok) {
const j = await meRes.json();
const userData = j.data ?? j;
setUser(userData);
queryClient.setQueryData(['user', 'me'], userData);
}
if (usageRes.ok) { const j = await usageRes.json(); setUsage(j.data ?? j); }
} catch { /* ignore */ } finally { setLoading(false); }
}, [token]); // eslint-disable-line react-hooks/exhaustive-deps
}, [token, queryClient]); // eslint-disable-line react-hooks/exhaustive-deps
useEffect(() => { fetchData(); }, [fetchData]);
useEffect(() => { setDefaultLanguage(settings.defaultTargetLanguage); }, [settings.defaultTargetLanguage]);