diff --git a/web/lib/firebase/server-auth.ts b/web/lib/firebase/server-auth.ts
index 5f828683..47eadb45 100644
--- a/web/lib/firebase/server-auth.ts
+++ b/web/lib/firebase/server-auth.ts
@@ -52,12 +52,19 @@ export const getServerAuthenticatedUid = async (ctx: RequestContext) => {
 if (idToken != null) {
 try {
 return (await auth.verifyIdToken(idToken))?.uid
+ } catch {
+ // plausibly expired; try the refresh token, if it's present
+ }
+ }
+ if (refreshToken != null) {
+ try {
+ const resp = await requestFirebaseIdToken(refreshToken)
+ setAuthCookies(resp.id_token, resp.refresh_token, ctx.res)
+ return (await auth.verifyIdToken(resp.id_token))?.uid
 } catch (e) {
- if (refreshToken != null) {
- const resp = await requestFirebaseIdToken(refreshToken)
- setAuthCookies(resp.id_token, resp.refresh_token, ctx.res)
- return (await auth.verifyIdToken(resp.id_token))?.uid
- }
+ // this is a big unexpected problem -- either their cookies are corrupt
+ // or the refresh token API is down. functionally, they are not logged in
+ console.error(e)
 }
 }
 return undefined
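Review bot: The bare `catch` after the first `verifyIdToken(idToken)` call treats every failure as an expired token, so a malformed or wrongly signed cookie, or a verification outage, is discarded without any log line before the refresh path runs. Binding the error and logging everything except expiry would keep those cases visible, e.g. `} catch (e) { if ((e as { code?: string })?.code !== 'auth/id-token-expired') console.error('id token rejected', e) }`. In the second `catch`, `console.error(e)` prints the whole error object; depending on how `requestFirebaseIdToken` reports failures (not visible here) that may include the request that carried the refresh token, so logging only the error's message or code is safer. That branch also leaves both auth cookies in place, so every later request repeats the failing refresh call; clearing them on `ctx.res` there would make the "not logged in" state stick. The function body begins before this hunk and continues past it.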