From b7197a09a735a207cd5f12c3e9ff4fe3468290ad Mon Sep 17 00:00:00 2001
From: Youwes09 <yuvi.shen@outlook.com>
Date: Tue, 19 May 2026 19:25:43 -0500
Subject: [PATCH] Fix: Attempt to Patch UI Login (Not-Working)

---
 src/core/auth.ts                              | 12 +++-
 .../settings/sections/SecuritySettings.svelte | 65 ++++++++++---------
 2 files changed, 42 insertions(+), 35 deletions(-)

diff --git a/src/core/auth.ts b/src/core/auth.ts
index 5c5ee23..d0b2bae 100644
--- a/src/core/auth.ts
+++ b/src/core/auth.ts
@@ -207,7 +207,7 @@ export const uiAuth = {
     sessionStorage.setItem(UI_SESSION_KEY, JSON.stringify(_uiSession));
     sessionStorage.removeItem(TOKEN_KEY);
   },
-  getToken:   () => {
+  getToken: () => {
     const session = uiAuth.getSession();
     if (!session) return null;
 
@@ -229,7 +229,7 @@ export const uiAuth = {
     _accessTokenBase = stored.base;
     return _accessToken;
   },
-  setToken:   (t: string) => {
+  setToken: (t: string) => {
     const existing = uiAuth.getSession();
     if (existing?.refreshToken) {
       uiAuth.setSession({
@@ -276,7 +276,13 @@ export const uiAuth = {
 };
 
 export const authSession = {
-  clearTokens() { uiAuth.clearToken(); },
+  clearTokens() {
+    _refreshPromise = null;
+    _jwtSettings = null;
+    _jwtSettingsBase = null;
+    _jwtSettingsFetchedAt = 0;
+    uiAuth.clearToken();
+  },
   hasSession(): boolean {
     const mode = store.settings.serverAuthMode ?? "NONE";
     if (mode === "UI_LOGIN") return uiAuth.getSession() !== null;
diff --git a/src/features/settings/sections/SecuritySettings.svelte b/src/features/settings/sections/SecuritySettings.svelte
index 40f2bf9..7af3bb6 100644
--- a/src/features/settings/sections/SecuritySettings.svelte
+++ b/src/features/settings/sections/SecuritySettings.svelte
@@ -1,7 +1,7 @@
 <script lang="ts">
   import { store, updateSettings } from "@store/state.svelte";
   import { gql } from "@api/client";
-  import { authSession, loginUI } from "@core/auth";
+  import { authSession, loginUI, logout } from "@core/auth";
   import { GET_SERVER_SECURITY } from "@api/queries/extensions";
   import { SET_SERVER_AUTH, SET_SOCKS_PROXY, SET_FLARESOLVERR } from "@api/mutations/extensions";
 
@@ -44,39 +44,40 @@
   }
 
   $effect(() => {
-    if (!secLoaded) { secLoaded = true; loadServerSecurity(); }
+    if (!secLoaded) { secLoaded = true; authSession.clearTokens(); loadServerSecurity(); }
   });
 
   async function loadServerSecurity() {
-    try {
-      const res = await gql<{ settings: {
-        authMode: string; authUsername: string;
-        socksProxyEnabled: boolean; socksProxyHost: string; socksProxyPort: string;
-        socksProxyVersion: number; socksProxyUsername: string;
-        flareSolverrEnabled: boolean; flareSolverrUrl: string; flareSolverrTimeout: number;
-        flareSolverrSessionName: string; flareSolverrSessionTtl: number;
-        flareSolverrAsResponseFallback: boolean;
-      }}>(GET_SERVER_SECURITY);
-      const s = res.settings;
-      const serverMode = normalizeAuthMode(s.authMode);
-      authMode = serverMode;
-      authUsername = s.authUsername || "";
-      updateSettings({ serverAuthMode: serverMode, serverAuthUser: authUsername });
-      socksEnabled = s.socksProxyEnabled; socksHost = s.socksProxyHost;
-      socksPort = s.socksProxyPort; socksVersion = s.socksProxyVersion;
-      socksUsername = s.socksProxyUsername;
-      flareEnabled = s.flareSolverrEnabled; flareUrl = s.flareSolverrUrl;
-      flareTimeout = s.flareSolverrTimeout; flareSession = s.flareSolverrSessionName;
-      flareTtl = s.flareSolverrSessionTtl; flareFallback = s.flareSolverrAsResponseFallback;
-      updateSettings({
-        socksProxyEnabled: socksEnabled, socksProxyHost: socksHost, socksProxyPort: socksPort,
-        socksProxyVersion: socksVersion, socksProxyUsername: socksUsername,
-        flareSolverrEnabled: flareEnabled, flareSolverrUrl: flareUrl,
-        flareSolverrTimeout: flareTimeout, flareSolverrSessionName: flareSession,
-        flareSolverrSessionTtl: flareTtl, flareSolverrAsResponseFallback: flareFallback,
-      });
-    } catch {}
-  }
+      try {
+        const res = await gql<{ settings: {
+          authMode: string; authUsername: string;
+          socksProxyEnabled: boolean; socksProxyHost: string; socksProxyPort: string;
+          socksProxyVersion: number; socksProxyUsername: string;
+          flareSolverrEnabled: boolean; flareSolverrUrl: string; flareSolverrTimeout: number;
+          flareSolverrSessionName: string; flareSolverrSessionTtl: number;
+          flareSolverrAsResponseFallback: boolean;
+        }}>(GET_SERVER_SECURITY);
+        const s = res.settings;
+        const serverMode = normalizeAuthMode(s.authMode);
+        if (serverMode !== "UI_LOGIN") authSession.clearTokens();
+        authMode = serverMode;
+        authUsername = s.authUsername || "";
+        updateSettings({ serverAuthMode: serverMode, serverAuthUser: authUsername });
+        socksEnabled = s.socksProxyEnabled; socksHost = s.socksProxyHost;
+        socksPort = s.socksProxyPort; socksVersion = s.socksProxyVersion;
+        socksUsername = s.socksProxyUsername;
+        flareEnabled = s.flareSolverrEnabled; flareUrl = s.flareSolverrUrl;
+        flareTimeout = s.flareSolverrTimeout; flareSession = s.flareSolverrSessionName;
+        flareTtl = s.flareSolverrSessionTtl; flareFallback = s.flareSolverrAsResponseFallback;
+        updateSettings({
+          socksProxyEnabled: socksEnabled, socksProxyHost: socksHost, socksProxyPort: socksPort,
+          socksProxyVersion: socksVersion, socksProxyUsername: socksUsername,
+          flareSolverrEnabled: flareEnabled, flareSolverrUrl: flareUrl,
+          flareSolverrTimeout: flareTimeout, flareSolverrSessionName: flareSession,
+          flareSolverrSessionTtl: flareTtl, flareSolverrAsResponseFallback: flareFallback,
+        });
+      } catch {}
+    }
 
   async function saveAuth() {
     if (authMode === "NONE") { await clearAuth(); return; }
@@ -89,11 +90,11 @@
     try {
       const newUser = authUsername.trim();
       const newPass = authPassword.trim();
+      authSession.clearTokens();
       if (authMode === "UI_LOGIN") {
         await loginUI(newUser, newPass);
         updateSettings({ serverAuthMode: "UI_LOGIN", serverAuthUser: newUser, serverAuthPass: "" });
       } else {
-        authSession.clearTokens();
         updateSettings({ serverAuthMode: "BASIC_AUTH", serverAuthUser: newUser, serverAuthPass: newPass });
       }