From 58773ede910471f6c08d061060acb4dbc99779ac Mon Sep 17 00:00:00 2001
From: infinite-persistence
 <64950861+infinite-persistence@users.noreply.github.com>
Date: Wed, 18 Aug 2021 07:49:09 -0700
Subject: [PATCH] Reload when auth token mismatch is detected (#6897)

## Tickets
- 5504 Signing out of account causes page to break in other tabs
- 6829 merged accounts - force log out / fail sync when x-auth-token and cookie auth token are different

## Steps to replicate
1. Login to odysee with account-A.
2. Open another tab, and split both tabs on the screen.
3. Logout from the 1st tab. Do not activate (focus) the 2nd tab.
4. On the 1st tab, login with account-B.
5. Activate (focus) the 2nd tab. The wallet would have been merged, and we are still logged in as account-A.

## Approach
Reload when the LBRY API token no longer matches the auth token.
---
 ui/redux/actions/sync.js | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/ui/redux/actions/sync.js b/ui/redux/actions/sync.js
index ba312d8eb..a00a29bb7 100644
--- a/ui/redux/actions/sync.js
+++ b/ui/redux/actions/sync.js
@@ -3,9 +3,10 @@ import { Lbryio } from 'lbryinc';
 import { SETTINGS, Lbry, doWalletEncrypt, doWalletDecrypt } from 'lbry-redux';
 import { selectGetSyncIsPending, selectSetSyncIsPending, selectSyncIsLocked } from 'redux/selectors/sync';
 import { makeSelectClientSetting } from 'redux/selectors/settings';
-import { getSavedPassword } from 'util/saved-passwords';
+import { getSavedPassword, getAuthToken } from 'util/saved-passwords';
 import { doAnalyticsTagSync, doHandleSyncComplete } from 'redux/actions/app';
 import { selectUserVerifiedEmail } from 'redux/selectors/user';
+import { X_LBRY_AUTH_TOKEN } from 'constants/token';
 
 let syncTimer = null;
 const SYNC_INTERVAL = 1000 * 60 * 5; // 5 minutes
@@ -148,6 +149,17 @@ export function doGetSync(passedPassword, callback) {
     }
   }
 
+  // @if TARGET='web'
+  const xAuth =
+    Lbry.getApiRequestHeaders() && Object.keys(Lbry.getApiRequestHeaders()).includes(X_LBRY_AUTH_TOKEN)
+      ? Lbry.getApiRequestHeaders()[X_LBRY_AUTH_TOKEN]
+      : '';
+  if (xAuth && xAuth !== getAuthToken()) {
+    window.location.reload();
+    return;
+  }
+  // @endif
+
   return (dispatch) => {
     dispatch({
       type: ACTIONS.GET_SYNC_STARTED,