From 712ce967945abd679103be56f5f0a51e419a5d2b Mon Sep 17 00:00:00 2001
From: evanpelle <evanpelle@gmail.com>
Date: Fri, 13 Feb 2026 17:07:54 -0800
Subject: [PATCH] Fix JWT refresh race condition causing unexpected logouts

---
 src/client/Auth.ts | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/client/Auth.ts b/src/client/Auth.ts
index c5fdef981..0748a13f4 100644
--- a/src/client/Auth.ts
+++ b/src/client/Auth.ts
@@ -10,6 +10,7 @@ export type UserAuth = { jwt: string; claims: TokenPayload } | false;
 const PERSISTENT_ID_KEY = "player_persistent_id";
 
 let __jwt: string | null = null;
+let __refreshPromise: Promise<void> | null = null;
 
 export function discordLogin() {
   const redirectUri = encodeURIComponent(window.location.href);
@@ -138,6 +139,18 @@ export async function userAuth(
 }
 
 async function refreshJwt(): Promise<void> {
+  if (__refreshPromise) {
+    return __refreshPromise;
+  }
+  __refreshPromise = doRefreshJwt();
+  try {
+    await __refreshPromise;
+  } finally {
+    __refreshPromise = null;
+  }
+}
+
+async function doRefreshJwt(): Promise<void> {
   try {
     console.log("Refreshing jwt");
     const response = await fetch(getApiBase() + "/auth/refresh", {