fix: refresh loop in axios interceptor (#123)

CHANGELOG.md

@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [5.0.1] - 2024-05-24
+
+### Fixes
+
+- Fix a possible refresh loop in the axios interceptor
+
 ## [5.0.0] - 2024-05-08
 
 ### Breaking changes

lib/ts/axios.ts

@@ -498,6 +498,7 @@ async function setAuthorizationHeaderIfRequired(requestConfig: AxiosRequestConfi
                 ...requestConfig.headers,
                 Authorization: `Bearer ${accessToken}`
             };
+            (requestConfig as any).__supertokensAddedAuthHeader = true;
         }
     } else {
         logDebugMessage("setAuthorizationHeaderIfRequired: token for header based auth not found");
@@ -510,7 +511,7 @@ async function removeAuthHeaderIfMatchesLocalToken(config: AxiosRequestConfig) {
     const authHeader = config.headers!.Authorization || config.headers!.authorization;
 
     if (accessToken !== undefined && refreshToken !== undefined) {
-        if (authHeader === `Bearer ${accessToken}`) {
+        if (authHeader === `Bearer ${accessToken}` || "__supertokensAddedAuthHeader" in config) {
             // We are ignoring the Authorization header set by the user in this case, because it would cause issues
             // If we do not ignore this, then this header would be used even if the request is being retried after a refresh, even though it contains an outdated access token.
             // This causes an infinite refresh loop.

lib/ts/version.ts

@@ -12,6 +12,6 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const package_version = "5.0.0";
+export const package_version = "5.0.1";
 
 export const supported_fdi = ["1.16", "1.17", "1.18", "1.19"];

package.json

@@ -1,6 +1,6 @@
 {
   "name": "supertokens-react-native",
-  "version": "5.0.0",
+  "version": "5.0.1",
   "description": "React Native SDK for SuperTokens",
   "main": "index.js",
   "scripts": {