Handle SSE token expiration silently to avoid Sentry noise#19060
Handle SSE token expiration silently to avoid Sentry noise#19060jnMetaCode wants to merge 1 commit intotwentyhq:mainfrom
Conversation
When a user session is idle long enough for the token to expire, the SSE client's error callback was sending every error to Sentry. This is a normal reconnection scenario and should not produce error logs. The fix detects token expiration errors (401/UNAUTHENTICATED) and silently triggers event stream destruction for reconnection, only reporting unexpected errors to Sentry. Fixes twentyhq#18077
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.
Welcome!
Hello there, congrats on your first PR! We're excited to have you contributing to this project. |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
![sentry[bot]](https://avatars.githubusercontent.com/in/12637?s=60&v=4){kind=small}
|
|
||
| return; | ||
| } | ||
|
|
There was a problem hiding this comment.
Bug: The new 401 error handler triggers an infinite SSE reconnection loop because it does not refresh the expired authentication token before attempting to reconnect.
Severity: HIGH
Suggested Fix
Instead of silently triggering a reconnection on a 401 error, the handler should initiate a token refresh mechanism or trigger a user-facing re-authentication flow. The reconnection should only proceed after the token has been successfully refreshed. Persistent authentication failures should be logged to ensure visibility.
Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.
Location:
packages/twenty-front/src/modules/sse-db-event/hooks/useTriggerEventStreamCreation.ts#L127-L130
Potential issue: When the authentication token expires, the SSE client receives a 401
error. The new error handler in `useTriggerEventStreamCreation.ts` catches this and sets
`shouldDestroyEventStreamState` to `true`, initiating a destroy-and-recreate cycle for
the event stream. However, the client-side application lacks a mechanism to
automatically refresh the expired token. Consequently, the new SSE stream is created
with the same invalid token, leading to another 401 error. This results in a silent,
infinite reconnection loop, consuming client and server resources without notifying the
user of the session expiration or logging the error.
Did we get this right? 👍 / 👎 to inform future reviews.
|
@jnMetaCode Please stop opening AI generated PR on this repository. You are not helping us and harming the community. This will be the only warning before ban: one more and that's it |
2 participants
Summary
useTriggerEventStreamCreationto detect token expiration errors (401/UNAUTHENTICATED) and handle them silently by triggering event stream reconnectionFixes #18077
Test plan