feat(auth): add session expired banner when token refresh fails

Users now see an amber banner with a re-login button instead of a broken empty page when their session expires. Uses pub/sub events from tokenManager, integrated in todo, calendar, zitare, contacts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-22 15:06:43 +02:00 · 2026-03-24 21:24:28 +01:00 · 2026-03-24 21:24:28 +01:00 · d6440664ac
commit d6440664ac
parent 02db49175a
9 changed files with 376 additions and 0 deletions
--- a/packages/shared-auth/src/index.ts
+++ b/packages/shared-auth/src/index.ts
@ -74,6 +74,16 @@ export type { FetchInterceptorConfig } from './interceptors/fetchInterceptor';
 export { ContactsClient, createContactsClient } from './clients/contactsClient';
 export type { ContactsClientConfig, ContactSearchOptions } from './clients/contactsClient';

+// Session expired events
+import { resetSessionExpired as _resetSessionExpired } from './events/sessionExpired';
+import { TokenState as _TokenStateEnum } from './types';
+export {
+	onSessionExpired,
+	emitSessionExpired,
+	resetSessionExpired,
+	isSessionExpired,
+} from './events/sessionExpired';
+
 /**
 * Initialize auth service with all adapters for web
 *
@ -112,5 +122,12 @@ export function initializeWebAuth(config: {
 	if (config.backendUrl) urls.push(config.backendUrl);
 	_setupFetchInterceptor(authService, tokenManager, { urls });

+	// Reset session expired state when token becomes valid again (e.g., after re-login)
+	tokenManager.subscribe((state) => {
+		if (state === _TokenStateEnum.VALID) {
+			_resetSessionExpired();
+		}
+	});
+
 	return { authService, tokenManager };
 }