Fix auth race condition causing frequent logouts

Fork: 0

root / navi-1

Browse code Fix auth race condition causing frequent logouts Add per-session-id asyncio.Lock around token refresh to prevent parallel requests from simultaneously refreshing the same token. Re-read the session inside the lock so a second request can use the token already refreshed by the first one. Stop deleting the auth session on refresh failure — transient errors (network, race condition, expired refresh token) were wiping the session and forcing a full re-login. + tests for both behaviours. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> feature/navi-code master vmkdemo
1 parent f045b51 commit 14f2753479ffdab31198bdff0557e9acc7cd7312 Eugene Sukhodolskiy authored on 23 May

Browse code

Add per-session-id asyncio.Lock around token refresh to prevent
parallel requests from simultaneously refreshing the same token.
Re-read the session inside the lock so a second request can use
the token already refreshed by the first one.

Stop deleting the auth session on refresh failure — transient
errors (network, race condition, expired refresh token) were
wiping the session and forcing a full re-login.

+ tests for both behaviours.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

feature/navi-code master vmkdemo

1 parent f045b51 commit 14f2753479ffdab31198bdff0557e9acc7cd7312

Eugene Sukhodolskiy authored on 23 May

Patch

Unified Split

Showing 2 changed files

Ignore Space Show notes View navi/auth/deps.py

Ignore Space Show notes View tests/unit/auth/test_deps.py

Show line notes below