From a95e9ad70cbcc58f665d9525dc533790af50f15e Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 14:13:02 +0200
Subject: [PATCH 01/10] fix: remove VueAxios

---
 package.json   |  1 -
 pnpm-lock.yaml | 13 -------------
 src/main.ts    |  5 ++---
 3 files changed, 2 insertions(+), 17 deletions(-)

diff --git a/package.json b/package.json
index 622e2b97..ce708160 100644
--- a/package.json
+++ b/package.json
@@ -34,7 +34,6 @@
     "validator": "13.11.0",
     "vee-validate": "3.4.15",
     "vue": "2.7.14",
-    "vue-axios": "3.5.2",
     "vue-router": "3.6.5",
     "vuedraggable": "2.24.3",
     "vuetify": "2.7.1"
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index c042b5e5..533bea4f 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -53,9 +53,6 @@ dependencies:
   vue:
     specifier: 2.7.14
     version: 2.7.14
-  vue-axios:
-    specifier: 3.5.2
-    version: 3.5.2(axios@1.5.0)(vue@2.7.14)
   vue-router:
     specifier: 3.6.5
     version: 3.6.5(vue@2.7.14)
@@ -11017,16 +11014,6 @@ packages:
       extsprintf: 1.3.0
     dev: true
 
-  /vue-axios@3.5.2(axios@1.5.0)(vue@2.7.14):
-    resolution: {integrity: sha512-GP+dct7UlAWkl1qoP3ppw0z6jcSua5/IrMpjB5O8bh089iIiJ+hdxPYH2NPEpajlYgkW5EVMP95ttXWdas1O0g==}
-    peerDependencies:
-      axios: '*'
-      vue: ^3.0.0 || ^2.0.0
-    dependencies:
-      axios: 1.5.0
-      vue: 2.7.14
-    dev: false
-
   /vue-cli-plugin-vuetify@2.5.8(sass-loader@13.3.2)(vue@2.7.14)(vuetify-loader@1.9.2)(webpack@5.88.2):
     resolution: {integrity: sha512-uqi0/URJETJBbWlQHD1l0pnY7JN8Ytu+AL1fw50HFlGByPa8/xx+mq19GkFXA9FcwFT01IqEc/TkxMPugchomg==}
     peerDependencies:
diff --git a/src/main.ts b/src/main.ts
index fe66ad92..5c2b7ab2 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -4,8 +4,6 @@ import pinia from "./plugins/pinia";
 import VueRouter from "vue-router";
 import appRouter from "./router";
 import vuetify from "./plugins/vuetify";
-import axios from "axios";
-import VueAxios from "vue-axios";
 import { configureVeeValidate } from "@/plugins/veevalidate";
 import { generateAppConstants } from "@/shared/app.constants";
 import { registerFileDropDirective } from "@/directives/file-upload.directive";
@@ -17,7 +15,8 @@ import BaseDialog from "@/components/Generic/Dialogs/BaseDialog.vue";
 import { useSnackbar } from "./shared/snackbar.composable";
 
 Vue.config.productionTip = false;
-Vue.use(VueAxios, axios);
+Vue.config.silent = true;
+Vue.config.devtools = false;
 
 configureVeeValidate();
 registerFileDropDirective();

From 0297aa702df94cc466c770352a498b3a16514d9d Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 14:13:59 +0200
Subject: [PATCH 02/10] chore: cleanup route names

---
 src/router/index.ts       | 29 +++++++++++++----------------
 src/router/route-names.ts | 10 ++++++++++
 src/router/utils.ts       |  2 +-
 3 files changed, 24 insertions(+), 17 deletions(-)
 create mode 100644 src/router/route-names.ts

diff --git a/src/router/index.ts b/src/router/index.ts
index 1d69ab60..decf816f 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -15,6 +15,8 @@ import DiagnosticsSettings from "../components/Settings/DiagnosticsSettings.vue"
 import { useAuthStore } from "@/store/auth.store";
 import LoginView from "../components/Login/LoginView.vue";
 import NotFoundView from "../components/NotFound/NotFoundView.vue";
+import LackingPermission from "@/components/Login/LackingPermission.vue";
+import { RouteNames } from "@/router/route-names";
 
 const NeedsAuth = {
   requiresAuth: true,
@@ -23,17 +25,6 @@ const NoAuth = {
   requiresAuth: false,
 };
 
-export const RouteNames = {
-  Home: "Home",
-  Login: "Login",
-  Printers: "PrintersView",
-  Settings: "Settings",
-  PrintStatistics: "Print Statistics",
-  About: "About",
-  // This route can be used for routes that are not found or data that cannot be found (by routing)
-  NotFound: "NotFound",
-};
-
 const routes: Array<RouteConfig> = [
   {
     path: "/",
@@ -49,7 +40,7 @@ const routes: Array<RouteConfig> = [
   },
   {
     path: "/printers",
-    name: "PrintersView",
+    name: RouteNames.PrintersView,
     meta: NeedsAuth,
     component: PrintersView,
   },
@@ -107,19 +98,25 @@ const routes: Array<RouteConfig> = [
   },
   {
     path: "/statistics",
-    name: "Print Statistics",
+    name: RouteNames.PrintStatistics,
     meta: NeedsAuth,
     component: PrintStatisticsView,
   },
   {
     path: "/about",
-    name: "About",
+    name: RouteNames.About,
     meta: NeedsAuth,
     component: AboutHelp,
   },
   {
     path: "*",
-    name: "NotFound",
+    name: RouteNames.LackingPermission,
+    meta: NoAuth,
+    component: LackingPermission,
+  },
+  {
+    path: "*",
+    name: RouteNames.NotFound,
     meta: NoAuth,
     component: NotFoundView,
   },
@@ -143,7 +140,7 @@ appRouter.beforeEach(async (to, from, next) => {
   }
 
   authStore.loadTokens();
-  if (!authStore.isLoggedIn) {
+  if (!authStore.hasAuthToken) {
     console.debug("Not logged in, redirecting to login page");
     if (from.path == "/login") {
       throw new Error("Already on login page, cannot redirect");
diff --git a/src/router/route-names.ts b/src/router/route-names.ts
new file mode 100644
index 00000000..4aa835f4
--- /dev/null
+++ b/src/router/route-names.ts
@@ -0,0 +1,10 @@
+export const RouteNames = {
+  Home: "Home",
+  Login: "Login",
+  PrintersView: "PrintersView",
+  Settings: "Settings",
+  PrintStatistics: "Print Statistics",
+  About: "About",
+  LackingPermission: "LackingPermission",
+  NotFound: "NotFound",
+};
diff --git a/src/router/utils.ts b/src/router/utils.ts
index ac60f86e..847ac625 100644
--- a/src/router/utils.ts
+++ b/src/router/utils.ts
@@ -1,5 +1,5 @@
 import VueRouter from "vue-router";
-import { RouteNames } from "./index";
+import { RouteNames } from "./route-names";
 
 export async function routeToPath(router: VueRouter, name: string) {
   return router.push({ name: name });

From 1dfc4f1fd28712642dbd4c67d2aea2598ed5189a Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 14:15:06 +0200
Subject: [PATCH 03/10] fix: make getHttpClient async and apply better axios
 instance creation

---
 src/backend/auth.service.ts |  8 ++++----
 src/backend/base.service.ts | 12 ++++++------
 src/shared/http-client.ts   | 12 ++++++++----
 3 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/src/backend/auth.service.ts b/src/backend/auth.service.ts
index 99f48014..110edcb4 100644
--- a/src/backend/auth.service.ts
+++ b/src/backend/auth.service.ts
@@ -7,12 +7,12 @@ export interface Tokens {
 
 export class AuthService {
   static async getLoginRequired() {
-    const httpClient = getHttpClient(false);
+    const httpClient = await getHttpClient(false);
     return await httpClient.get<{ loginRequired: boolean }>("api/auth/login-required");
   }
 
   static async postLogin(username: string, password: string) {
-    const httpClient = getHttpClient(false);
+    const httpClient = await getHttpClient(false);
     return await httpClient.post<Tokens>("api/auth/login", {
       username,
       password,
@@ -20,12 +20,12 @@ export class AuthService {
   }
 
   static async refreshLogin(refreshToken: string) {
-    const httpClient = getHttpClient(false);
+    const httpClient = await getHttpClient(false);
     return await httpClient.post<{ token: string }>("api/auth/refresh", { refreshToken });
   }
 
   static async verifyLogin() {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     return await httpClient.post("api/auth/verify");
   }
 }
diff --git a/src/backend/base.service.ts b/src/backend/base.service.ts
index 5b6ffc4f..f80751a8 100644
--- a/src/backend/base.service.ts
+++ b/src/backend/base.service.ts
@@ -3,19 +3,19 @@ import { getHttpClient } from "@/shared/http-client";
 
 export class BaseService {
   protected static async getApi<R>(path: string) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     const response = await httpClient.get<R>(path);
     return response.data;
   }
 
   protected static async putApi<T>(path: string, body?: any) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     const response = await httpClient.put<T>(path, body);
     return response.data;
   }
 
   protected static async postApi<T>(path: string, body?: any) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     const response = await httpClient.post<T>(path, body);
     return response.data;
   }
@@ -25,12 +25,12 @@ export class BaseService {
     formData: FormData,
     config: AxiosRequestConfig
   ) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     return await httpClient.post(path, formData, config);
   }
 
   protected static async deleteApi<T>(path: string, body?: any) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     const response = await httpClient.request<T>({
       url: path,
       method: "delete",
@@ -40,7 +40,7 @@ export class BaseService {
   }
 
   protected static async patchApi<T>(path: string, body: any) {
-    const httpClient = getHttpClient(true);
+    const httpClient = await getHttpClient(true);
     const response = await httpClient.patch<T>(path, body);
     return response.data;
   }
diff --git a/src/shared/http-client.ts b/src/shared/http-client.ts
index d25045d7..d696aabf 100644
--- a/src/shared/http-client.ts
+++ b/src/shared/http-client.ts
@@ -1,16 +1,20 @@
-import axios from "axios";
+import axios, { AxiosError, AxiosRequestConfig, HttpStatusCode } from "axios";
 import { useAuthStore } from "@/store/auth.store";
 import Vue from "vue";
+import { useSnackbar } from "@/shared/snackbar.composable";
+import { sleep } from "@/utils/time.utils";
+import { useRouter } from "vue-router/composables";
+import { RouteNames } from "@/router/route-names";
 
 /**
  * Made async for future possibility of getting base URI externally or asynchronously
  */
 export async function getBaseUri() {
-  // return Vue.config.devtools ? "https://demo.fdm-monster.net" : "";
-  return Vue.config.devtools ? "http://localhost:4000/" : "/"; // Same-origin policy
+  // return process.env.NODE_ENV === "development" ? "https://demo.fdm-monster.net" : "";
+  return process.env.NODE_ENV === "development" ? "http://localhost:4000/" : "/"; // Same-origin policy
 }
 
-export function getHttpClient(withAuth: boolean = true) {
+export async function getHttpClient(withAuth: boolean = true) {
   axios.interceptors.request.use(async (config) => {
     config.baseURL = await getBaseUri();
     if (withAuth) {

From 8a666051e917f199f707e585dfe38cea6265fa21 Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 14:16:59 +0200
Subject: [PATCH 04/10] feat: add LackingPermission component, adjust authStore

---
 src/App.vue                                |  6 +--
 src/AppLoader.vue                          | 62 +++++++++++++---------
 src/components/Generic/TopBar.vue          |  2 +-
 src/components/Login/LackingPermission.vue | 25 +++++++++
 src/components/Login/LoginView.vue         |  2 +-
 src/components/PrinterGrid/PrinterGrid.vue |  6 +--
 src/store/auth.store.ts                    | 21 ++++++--
 7 files changed, 85 insertions(+), 39 deletions(-)
 create mode 100644 src/components/Login/LackingPermission.vue

diff --git a/src/App.vue b/src/App.vue
index 533f3833..be2a752a 100644
--- a/src/App.vue
+++ b/src/App.vue
@@ -5,8 +5,8 @@
     <AppProgressSnackbar />
     <AlertErrorDialog />
 
-    <NavigationDrawer v-if="authStore.isLoggedIn || !authStore.loginRequired" />
-    <TopBar v-if="authStore.isLoggedIn || !authStore.loginRequired" />
+    <NavigationDrawer v-if="authStore.hasAuthToken || !authStore.loginRequired" />
+    <TopBar v-if="authStore.hasAuthToken || !authStore.loginRequired" />
 
     <AppLoader>
       <v-main>
@@ -79,7 +79,7 @@ export default defineComponent({
   },
   async mounted() {
     console.debug(
-      `App.vue mounted. Logged in: ${this.authStore.isLoggedIn}, Expired: ${this.authStore.isLoginExpired}`
+      `App.vue mounted. Logged in: ${this.authStore.hasAuthToken}, Expired: ${this.authStore.isLoginExpired}`
     );
 
     uploadProgressTest(false);
diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 1aa003ca..9d4898a6 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -1,21 +1,21 @@
 <template>
   <span>
-    <v-overlay
-      v-model="overlay"
-      class="align-center justify-center"
-      opacity="0.98"
-      style="z-index: 7"
-    >
-      <GridLoader :size="20" color="#a70015" />
+    <v-overlay v-model="overlay" opacity="0.98" style="z-index: 7">
+      <GridLoader :size="20" class="ma-auto" color="#a70015" />
+      <br />
+
+      <!-- Fade-in -->
+      <!-- Slow scroll fade-out vtexts -->
+      <div style="animation: fadeIn 0.75s">{{ overlayMessage }}</div>
     </v-overlay>
     <slot v-if="!overlay" />
   </span>
 </template>
+v
 <script lang="ts" setup>
 import { onBeforeMount, onUnmounted, ref } from "vue";
 import GridLoader from "./components/Generic/Loaders/GridLoader.vue";
 import { useAuthStore } from "./store/auth.store";
-import { useRouter } from "vue-router/composables";
 import { useSnackbar } from "@/shared/snackbar.composable";
 import { useSettingsStore } from "@/store/settings.store";
 import { setSentryEnabled } from "@/utils/sentry.util";
@@ -23,18 +23,22 @@ import { useFeatureStore } from "@/store/features.store";
 import { useProfileStore } from "@/store/profile.store";
 import { useEventBus } from "@vueuse/core";
 import { SocketIoService } from "@/shared/socketio.service";
-import { sleep } from "@/utils/time.utils";
 
 const authStore = useAuthStore();
 const settingsStore = useSettingsStore();
 const featureStore = useFeatureStore();
 const profileStore = useProfileStore();
-const overlay = ref(true);
+const overlay = ref(false);
+const overlayMessage = ref("");
 const snackbar = useSnackbar();
-const router = useRouter();
 const socketIoClient: SocketIoService = new SocketIoService();
 
-function setOverlay(overlayEnabled: boolean) {
+function setOverlay(overlayEnabled: boolean, message: string = "") {
+  if (!overlayEnabled) {
+    overlayMessage.value = "";
+  } else {
+    overlayMessage.value = message;
+  }
   overlay.value = overlayEnabled;
 }
 
@@ -76,8 +80,7 @@ onUnmounted(() => {
 });
 
 onBeforeMount(async () => {
-  // test slow page loading
-  // await sleep(2000);
+  setOverlay(true, "Loading spools");
 
   // If the route is wrong about login requirements, an error will be shown
   const loginRequired = await authStore.checkLoginRequired();
@@ -86,23 +89,30 @@ onBeforeMount(async () => {
   }
 
   // Router will have tackled routing already
-  if (!authStore.isLoggedIn) {
+  if (!authStore.hasAuthToken) {
     return setOverlay(false);
   }
 
-  if (authStore.isLoggedIn && authStore.isLoginExpired) {
-    try {
-      await authStore.refreshTokens();
-    } catch (e) {
-      console.error("Error when refreshing login.");
-      snackbar.openErrorMessage({
-        title: "Login error",
-        fullSubtitle: "Error when refreshing login.",
-      });
-      await router.push({ name: "Login" });
-    }
+  if (authStore.hasAuthToken && authStore.isLoginExpired) {
+    // What if refreshToken is not present or not valid?
+    setOverlay(true, "Refreshing login");
+
+    await authStore.verifyLogin();
+
+    // Dont load app
+    return;
   }
 
   await loadAppWithAuthentication();
 });
 </script>
+<style>
+@keyframes fadeIn {
+  0% {
+    opacity: 0;
+  }
+  100% {
+    opacity: 1;
+  }
+}
+</style>
diff --git a/src/components/Generic/TopBar.vue b/src/components/Generic/TopBar.vue
index e2f2bfe9..731a9f2c 100644
--- a/src/components/Generic/TopBar.vue
+++ b/src/components/Generic/TopBar.vue
@@ -9,7 +9,7 @@
     <PrintJobsMenu />
 
     <v-menu
-      v-if="authStore.isLoggedIn && !authStore.isLoginExpired"
+      v-if="authStore.hasAuthToken && !authStore.isLoginExpired"
       :close-on-content-click="false"
       :nudge-width="200"
       bottom
diff --git a/src/components/Login/LackingPermission.vue b/src/components/Login/LackingPermission.vue
new file mode 100644
index 00000000..c1367eb4
--- /dev/null
+++ b/src/components/Login/LackingPermission.vue
@@ -0,0 +1,25 @@
+<template>
+  <v-container fill-height fluid>
+    <v-app-bar app color="secondary" dark>
+      <v-toolbar-title class="text-uppercase white--text">
+        <span class="font-weight-light">FDM</span>
+        <strong>Monster</strong>
+      </v-toolbar-title>
+    </v-app-bar>
+
+    <img
+      alt="FDM Monster Background"
+      class="grid-bg-img align-content-center"
+      src="/img/logo.svg"
+      style="opacity: 0.06"
+    />
+
+    <v-layout align-center justify-center>
+      You do not have permission to access this page. Page: <strong>FloorSettings</strong>
+
+      The following permission is required:
+      <strong>Server.FakePermission.Read</strong>
+    </v-layout>
+  </v-container>
+</template>
+<script lang="ts" setup></script>
diff --git a/src/components/Login/LoginView.vue b/src/components/Login/LoginView.vue
index db80d661..d895d62d 100644
--- a/src/components/Login/LoginView.vue
+++ b/src/components/Login/LoginView.vue
@@ -31,7 +31,7 @@ const authStore = useAuthStore();
 
 onMounted(() => {
   authStore.loadTokens();
-  if (authStore.isLoggedIn || authStore.loginRequired === false) {
+  if (authStore.hasAuthToken || authStore.loginRequired === false) {
     const routePath = route.query.redirect;
 
     if (!routePath) {
diff --git a/src/components/PrinterGrid/PrinterGrid.vue b/src/components/PrinterGrid/PrinterGrid.vue
index b305d576..30a7c760 100644
--- a/src/components/PrinterGrid/PrinterGrid.vue
+++ b/src/components/PrinterGrid/PrinterGrid.vue
@@ -78,11 +78,11 @@
 <script lang="ts">
 import { defineComponent } from "vue";
 import PrinterGridTile from "@/components/PrinterGrid/PrinterGridTile.vue";
-import { totalVuetifyColumnCount } from "../../shared/printer-grid.constants";
+import { totalVuetifyColumnCount } from "@/shared/printer-grid.constants";
 import { usePrinterStore } from "@/store/printer.store";
 import { Printer } from "@/models/printers/printer.model";
 import { useGridStore } from "@/store/grid.store";
-import { dragAppId, INTENT, PrinterPlace } from "../../shared/drag.constants";
+import { dragAppId, INTENT, PrinterPlace } from "@/shared/drag.constants";
 import { useSettingsStore } from "@/store/settings.store";
 import { useFloorStore } from "@/store/floor.store";
 
@@ -96,7 +96,7 @@ export default defineComponent({
     };
   },
   setup() {
-    console.log("Setup grid");
+    console.debug("Setup grid");
     return {
       printerStore: usePrinterStore(),
       floorStore: useFloorStore(),
diff --git a/src/store/auth.store.ts b/src/store/auth.store.ts
index 5e1d9d35..ba469b78 100644
--- a/src/store/auth.store.ts
+++ b/src/store/auth.store.ts
@@ -2,7 +2,7 @@ import { defineStore } from "pinia";
 import { useJwt } from "@vueuse/integrations/useJwt";
 import type { JwtPayload } from "jwt-decode";
 import { AuthService, type Tokens } from "@/backend/auth.service";
-import { AxiosError } from "axios";
+import { AxiosError, HttpStatusCode } from "axios";
 import { RemovableRef, useLocalStorage } from "@vueuse/core";
 
 export interface IClaims extends JwtPayload {
@@ -59,17 +59,28 @@ export const useAuthStore = defineStore("auth", {
       this.refreshToken = refreshTokenRef.value;
     },
     async refreshTokens() {
-      if (!this.refreshToken) return;
+      if (!this.refreshToken) {
+        throw new Error("refreshTokens: no refresh token");
+      }
       return await AuthService.refreshLogin(this.refreshToken)
         .then((response) => {
           this.setIdToken(response.data.token);
         })
         .catch((e: AxiosError) => {
-          console.error("refreshTokens: failed to refresh tokens", e.code);
+          if (e.status == HttpStatusCode.Unauthorized) {
+            this.setTokens(null, null);
+            console.error("refreshTokens: authentication error, failed to refresh tokens", e.code);
+          } else {
+            console.error(
+              "refreshTokens: unknown error, failed to refresh tokens",
+              e.status,
+              e.code
+            );
+          }
           throw e;
         });
     },
-    setTokens(token: string, refreshToken: string) {
+    setTokens(token: string | null, refreshToken: string | null) {
       this.setIdToken(token);
       this.setRefreshToken(refreshToken);
     },
@@ -97,7 +108,7 @@ export const useAuthStore = defineStore("auth", {
       if (!claims?.exp) return false;
       return claims.exp < Date.now() / 1000;
     },
-    isLoggedIn() {
+    hasAuthToken() {
       return !!this.tokenClaims;
     },
     tokenClaims(): IClaims | null {

From bf3801fa5e0d395c9c4672cff6063599c25a4b4d Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 14:17:20 +0200
Subject: [PATCH 05/10] stash: more clean http client interceptor

---
 src/shared/http-client.ts | 108 ++++++++++++++++++++++++++++++++++----
 1 file changed, 99 insertions(+), 9 deletions(-)

diff --git a/src/shared/http-client.ts b/src/shared/http-client.ts
index d696aabf..ccc2085f 100644
--- a/src/shared/http-client.ts
+++ b/src/shared/http-client.ts
@@ -15,15 +15,105 @@ export async function getBaseUri() {
 }
 
 export async function getHttpClient(withAuth: boolean = true) {
-  axios.interceptors.request.use(async (config) => {
-    config.baseURL = await getBaseUri();
-    if (withAuth) {
-      const auth = useAuthStore();
-      if (auth.isLoggedIn) {
-        config.headers.Authorization = `Bearer ${auth.token}`;
-      }
-    }
+  const instance = axios.create({
+    baseURL: await getBaseUri(),
+  });
+
+  instance.interceptors.request.use((config) => {
+    console.log(
+      `${config.method?.toUpperCase().padEnd(6)} ${config.url?.padEnd(25)} Bearer: ${withAuth
+        ?.toString()
+        .padEnd(7)} BaseURL: ${config.baseURL}`
+    );
     return config;
   });
-  return axios;
+
+  if (withAuth) {
+    instance.interceptors.request.use(
+      async (config) => {
+        const auth = useAuthStore();
+        if (auth.hasAuthToken) {
+          config.headers.Authorization = `Bearer ${auth.token}`;
+        }
+
+        return config;
+      },
+      (error) => {
+        console.error("Error in axios request interceptor", error);
+        return Promise.reject(error);
+      }
+    );
+  }
+
+  instance.interceptors.response.use(
+    (response) => response,
+    async (error: AxiosError) => {
+      const { response, config } = error;
+      if (!response) {
+        console.error("No response was returned by axios", error);
+        return error;
+      }
+
+      if (![HttpStatusCode.Unauthorized, HttpStatusCode.Unauthorized].includes(response.status)) {
+        // Timeout issues etc?
+        console.error("Error in axios response interceptor which is not 401 or 403", error);
+        return error;
+      }
+
+      if (response.status === HttpStatusCode.Unauthorized) {
+        // TODO exempt hostnames from retries
+        // TODO circuit breaker (max attempts) to prevent infinite retries
+        // TODO retry with exponential backoff
+        // TODO retry with extended timeout
+        // TODO consider axios-retry package
+
+        // try {
+        //   await authStore.refreshTokens();
+        // } catch (e) {
+        //   console.error("Error when refreshing login.");
+        //   snackbar.openErrorMessage({
+        //     title: "Login error",
+        //     fullSubtitle: "Error when refreshing login.",
+        //   });
+        //   await router.push({ name: "Login" });
+        // }
+        if (!withAuth) {
+          console.warn(`${error.config?.url} No auth was required, but 401 was thrown`);
+          useSnackbar().openErrorMessage({
+            title: "Authentication bug",
+            fullSubtitle:
+              "Login was required, although the request was not done with authentication. This is a bug.",
+          });
+          // throw error;
+          return;
+        }
+
+        // Check if state has changed, if so then retry
+        const authStore = useAuthStore();
+        if (!authStore.loginRequired) {
+          await authStore.checkLoginRequired();
+          if (authStore.loginRequired) {
+            console.warn("Retrying request after new login state");
+            await sleep(100);
+            return axios(config as AxiosRequestConfig);
+          } else {
+            console.warn("Cannot retry request as login is still not required");
+            useSnackbar().openErrorMessage({
+              title: "Authentication bug",
+              fullSubtitle:
+                "Authentication was not required, but the server returned authentication error. This is a bug.",
+            });
+            return;
+          }
+        } else {
+          console.warn("Login was required and 401 was thrown");
+        }
+
+        // Login required, so check expiry
+      } else if (response.status === HttpStatusCode.Forbidden) {
+        await useRouter().push({ name: RouteNames.LackingPermission });
+      }
+    }
+  );
+  return instance;
 }

From c40bffae4fecea4bfb5835a6b499e2008d678b57 Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 23:06:57 +0200
Subject: [PATCH 06/10] fix: make authentication refresh resilient against
 problems without causing a loop

---
 src/AppLoader.vue                        | 35 ++++++----
 src/backend/auth.service.ts              |  8 +--
 src/backend/printers.service.ts          |  1 -
 src/components/Generic/PrintJobsMenu.vue |  4 +-
 src/components/Login/LoginForm.vue       | 44 ++++++++----
 src/components/Login/LoginView.vue       | 22 ++----
 src/router/index.ts                      |  6 +-
 src/shared/http-client.ts                | 88 ++++++++----------------
 src/store/auth.store.ts                  | 46 +++++++++----
 src/store/profile.store.ts               | 11 +--
 10 files changed, 135 insertions(+), 130 deletions(-)

diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 9d4898a6..3718c9b9 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -23,12 +23,16 @@ import { useFeatureStore } from "@/store/features.store";
 import { useProfileStore } from "@/store/profile.store";
 import { useEventBus } from "@vueuse/core";
 import { SocketIoService } from "@/shared/socketio.service";
+import { useRouter } from "vue-router/composables";
+import { sleep } from "@/utils/time.utils";
+import { RouteNames } from "@/router/route-names";
 
 const authStore = useAuthStore();
 const settingsStore = useSettingsStore();
 const featureStore = useFeatureStore();
 const profileStore = useProfileStore();
 const overlay = ref(false);
+const router = useRouter();
 const overlayMessage = ref("");
 const snackbar = useSnackbar();
 const socketIoClient: SocketIoService = new SocketIoService();
@@ -45,7 +49,7 @@ function setOverlay(overlayEnabled: boolean, message: string = "") {
 async function loadAppWithAuthentication() {
   try {
     authStore.loadTokens();
-    await authStore.verifyLogin();
+    await authStore.verifyOrRefreshLoginOnce();
     await settingsStore.loadSettings();
     await featureStore.loadFeatures();
     await profileStore.getProfile();
@@ -66,14 +70,19 @@ async function loadAppWithAuthentication() {
   setOverlay(false);
 }
 
-const key = useEventBus("auth:login");
-key.on(() => {
+const authFailKey = useEventBus("auth:failure");
+authFailKey.on(() => {
+  router.push({ name: RouteNames.Login });
+  setOverlay(true);
+});
+const loginEventKey = useEventBus("auth:login");
+loginEventKey.on(() => {
   setOverlay(true);
   loadAppWithAuthentication();
 });
 
 onUnmounted(() => {
-  key.reset();
+  loginEventKey.reset();
   if (socketIoClient) {
     socketIoClient.disconnect();
   }
@@ -89,17 +98,19 @@ onBeforeMount(async () => {
   }
 
   // Router will have tackled routing already
-  if (!authStore.hasAuthToken) {
+  if (!authStore.hasAuthToken && !authStore.hasRefreshToken) {
     return setOverlay(false);
   }
 
-  if (authStore.hasAuthToken && authStore.isLoginExpired) {
-    // What if refreshToken is not present or not valid?
-    setOverlay(true, "Refreshing login");
-
-    await authStore.verifyLogin();
-
-    // Dont load app
+  // What if refreshToken is not present or not valid?
+  setOverlay(true, "Refreshing login");
+  const refreshSuccess = await authStore.verifyOrRefreshLoginOnce();
+  if (!refreshSuccess) {
+    setOverlay(true, "Login expired, going back to login");
+    await sleep(500);
+    await router.push({ name: RouteNames.Login });
+    setOverlay(false);
+    // Dont load app as it will be redirected to login
     return;
   }
 
diff --git a/src/backend/auth.service.ts b/src/backend/auth.service.ts
index 110edcb4..d2a79be8 100644
--- a/src/backend/auth.service.ts
+++ b/src/backend/auth.service.ts
@@ -7,12 +7,12 @@ export interface Tokens {
 
 export class AuthService {
   static async getLoginRequired() {
-    const httpClient = await getHttpClient(false);
+    const httpClient = await getHttpClient(false, false);
     return await httpClient.get<{ loginRequired: boolean }>("api/auth/login-required");
   }
 
   static async postLogin(username: string, password: string) {
-    const httpClient = await getHttpClient(false);
+    const httpClient = await getHttpClient(false, false);
     return await httpClient.post<Tokens>("api/auth/login", {
       username,
       password,
@@ -20,12 +20,12 @@ export class AuthService {
   }
 
   static async refreshLogin(refreshToken: string) {
-    const httpClient = await getHttpClient(false);
+    const httpClient = await getHttpClient(false, false);
     return await httpClient.post<{ token: string }>("api/auth/refresh", { refreshToken });
   }
 
   static async verifyLogin() {
-    const httpClient = await getHttpClient(true);
+    const httpClient = await getHttpClient(true, false);
     return await httpClient.post("api/auth/verify");
   }
 }
diff --git a/src/backend/printers.service.ts b/src/backend/printers.service.ts
index fb351c56..02d30bfa 100644
--- a/src/backend/printers.service.ts
+++ b/src/backend/printers.service.ts
@@ -7,7 +7,6 @@ import {
   PreCreatePrinter,
 } from "@/models/printers/crud/create-printer.model";
 import { newRandomNamePair } from "@/shared/noun-adjectives.data";
-import validator from "validator";
 
 export class PrintersService extends BaseService {
   static applyLoginDetailsPatchForm(
diff --git a/src/components/Generic/PrintJobsMenu.vue b/src/components/Generic/PrintJobsMenu.vue
index 6c7c021b..94d09b44 100644
--- a/src/components/Generic/PrintJobsMenu.vue
+++ b/src/components/Generic/PrintJobsMenu.vue
@@ -82,8 +82,8 @@
 
 <script lang="ts">
 import { defineComponent } from "vue";
-import { usePrinterStore } from "../../store/printer.store";
-import { usePrinterStateStore } from "../../store/printer-state.store";
+import { usePrinterStore } from "@/store/printer.store";
+import { usePrinterStateStore } from "@/store/printer-state.store";
 
 interface Data {
   search: string;
diff --git a/src/components/Login/LoginForm.vue b/src/components/Login/LoginForm.vue
index d3ceab71..dce720f9 100644
--- a/src/components/Login/LoginForm.vue
+++ b/src/components/Login/LoginForm.vue
@@ -1,14 +1,34 @@
 <template>
   <v-container fill-height fluid>
-    <v-layout align-center justify-center>
-      <v-flex md4 sm8 xs12>
-        <v-card class="elevation-12">
-          <v-toolbar color="primary" dark>
-            <v-toolbar-title>
-              <v-icon>security</v-icon>
-              Authorization required
-            </v-toolbar-title>
-          </v-toolbar>
+    <v-layout align-content-center justify-center>
+      <v-flex
+        class="d-flex flex-column align-content-center"
+        md4
+        sm8
+        style="max-width: 450px; margin-top: 15%"
+        xs12
+      >
+        <div class="d-flex flex-column align-center">
+          <v-img
+            :src="require('@/assets/logo.png')"
+            class="shrink mr-1 pt-3 ml-1"
+            contain
+            style="opacity: 0.85"
+            width="150"
+          ></v-img>
+
+          <v-toolbar-title class="text-uppercase red--text">
+            <strong>FDM&nbsp;</strong>
+            <strong>Monster</strong>
+          </v-toolbar-title>
+
+          <v-toolbar-title class="mt-lg-10 mt-sm-10"> Login to your account</v-toolbar-title>
+          <v-card-subtitle class="grey--text">
+            Welcome back! Please enter your details
+          </v-card-subtitle>
+        </div>
+
+        <v-card class="elevation-4 pa-4" style="border-radius: 10px">
           <v-card-text>
             <v-form>
               <v-text-field
@@ -35,9 +55,9 @@
             </v-form>
           </v-card-text>
           <v-card-actions>
-            <!--            <v-btn color="primary" disabled to="/">Register</v-btn>-->
-            <v-spacer></v-spacer>
-            <v-btn :disabled="formIsDisabled" color="primary" @click="login()"> Login</v-btn>
+            <v-btn class="pa-4" color="primary" large style="width: 100%" @click="login()">
+              Login
+            </v-btn>
           </v-card-actions>
         </v-card>
       </v-flex>
diff --git a/src/components/Login/LoginView.vue b/src/components/Login/LoginView.vue
index d895d62d..eeb59f0f 100644
--- a/src/components/Login/LoginView.vue
+++ b/src/components/Login/LoginView.vue
@@ -1,18 +1,5 @@
 <template>
   <v-container fill-height fluid>
-    <v-app-bar app color="secondary" dark>
-      <v-toolbar-title class="text-uppercase white--text">
-        <span class="font-weight-light">FDM</span>
-        <strong>Monster</strong>
-      </v-toolbar-title>
-    </v-app-bar>
-
-    <img
-      alt="FDM Monster Background"
-      class="grid-bg-img align-content-center"
-      src="/img/logo.svg"
-      style="opacity: 0.06"
-    />
     <v-layout align-center justify-center>
       <LoginForm />
     </v-layout>
@@ -29,18 +16,21 @@ const route = useRoute();
 const router = useRouter();
 const authStore = useAuthStore();
 
-onMounted(() => {
+onMounted(async () => {
   authStore.loadTokens();
+  await authStore.checkLoginRequired();
+  await authStore.verifyOrRefreshLoginOnce();
+
   if (authStore.hasAuthToken || authStore.loginRequired === false) {
     const routePath = route.query.redirect;
 
     if (!routePath) {
       console.debug("LoginView, no query param, redirecting to home");
-      router.push({ name: "Home" });
+      await router.push({ name: "Home" });
       return;
     } else {
       console.debug("LoginView, query param, redirecting to", routePath);
-      router.push({
+      await router.push({
         path: routePath as string,
       });
       return;
diff --git a/src/router/index.ts b/src/router/index.ts
index decf816f..905decd8 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -109,9 +109,9 @@ const routes: Array<RouteConfig> = [
     component: AboutHelp,
   },
   {
-    path: "*",
+    path: "/lacking-permission",
     name: RouteNames.LackingPermission,
-    meta: NoAuth,
+    meta: NeedsAuth,
     component: LackingPermission,
   },
   {
@@ -140,7 +140,7 @@ appRouter.beforeEach(async (to, from, next) => {
   }
 
   authStore.loadTokens();
-  if (!authStore.hasAuthToken) {
+  if (!authStore.hasAuthToken && !authStore.hasRefreshToken) {
     console.debug("Not logged in, redirecting to login page");
     if (from.path == "/login") {
       throw new Error("Already on login page, cannot redirect");
diff --git a/src/shared/http-client.ts b/src/shared/http-client.ts
index ccc2085f..fd6e4e45 100644
--- a/src/shared/http-client.ts
+++ b/src/shared/http-client.ts
@@ -1,10 +1,5 @@
 import axios, { AxiosError, AxiosRequestConfig, HttpStatusCode } from "axios";
 import { useAuthStore } from "@/store/auth.store";
-import Vue from "vue";
-import { useSnackbar } from "@/shared/snackbar.composable";
-import { sleep } from "@/utils/time.utils";
-import { useRouter } from "vue-router/composables";
-import { RouteNames } from "@/router/route-names";
 
 /**
  * Made async for future possibility of getting base URI externally or asynchronously
@@ -14,16 +9,18 @@ export async function getBaseUri() {
   return process.env.NODE_ENV === "development" ? "http://localhost:4000/" : "/"; // Same-origin policy
 }
 
-export async function getHttpClient(withAuth: boolean = true) {
+export async function getHttpClient(withAuth: boolean = true, autoHandle401: boolean = true) {
   const instance = axios.create({
     baseURL: await getBaseUri(),
   });
 
   instance.interceptors.request.use((config) => {
-    console.log(
-      `${config.method?.toUpperCase().padEnd(6)} ${config.url?.padEnd(25)} Bearer: ${withAuth
+    console.debug(
+      `${config.method?.toUpperCase().padEnd(6)} ${config.url?.padEnd(25)} WithAuth: ${withAuth
         ?.toString()
-        .padEnd(7)} BaseURL: ${config.baseURL}`
+        .padEnd(7)} AutoHandle401: ${autoHandle401?.toString().padEnd(7)} BaseURL: ${
+        config.baseURL
+      }`
     );
     return config;
   });
@@ -45,74 +42,45 @@ export async function getHttpClient(withAuth: boolean = true) {
     );
   }
 
+  if (!autoHandle401) {
+    return instance;
+  }
+
   instance.interceptors.response.use(
     (response) => response,
     async (error: AxiosError) => {
       const { response, config } = error;
       if (!response) {
         console.error("No response was returned by axios", error);
-        return error;
+        return Promise.reject(error);
       }
 
       if (![HttpStatusCode.Unauthorized, HttpStatusCode.Unauthorized].includes(response.status)) {
         // Timeout issues etc?
         console.error("Error in axios response interceptor which is not 401 or 403", error);
-        return error;
+        return Promise.reject(error);
       }
 
-      if (response.status === HttpStatusCode.Unauthorized) {
-        // TODO exempt hostnames from retries
-        // TODO circuit breaker (max attempts) to prevent infinite retries
-        // TODO retry with exponential backoff
-        // TODO retry with extended timeout
-        // TODO consider axios-retry package
+      if (response.status === HttpStatusCode.Forbidden) {
+        console.error("403 Forbidden");
+        return Promise.reject(error);
+      }
 
-        // try {
-        //   await authStore.refreshTokens();
-        // } catch (e) {
-        //   console.error("Error when refreshing login.");
-        //   snackbar.openErrorMessage({
-        //     title: "Login error",
-        //     fullSubtitle: "Error when refreshing login.",
-        //   });
-        //   await router.push({ name: "Login" });
-        // }
-        if (!withAuth) {
-          console.warn(`${error.config?.url} No auth was required, but 401 was thrown`);
-          useSnackbar().openErrorMessage({
-            title: "Authentication bug",
-            fullSubtitle:
-              "Login was required, although the request was not done with authentication. This is a bug.",
-          });
-          // throw error;
-          return;
-        }
+      const authStore = useAuthStore();
+      authStore.loadTokens();
 
-        // Check if state has changed, if so then retry
-        const authStore = useAuthStore();
-        if (!authStore.loginRequired) {
-          await authStore.checkLoginRequired();
-          if (authStore.loginRequired) {
-            console.warn("Retrying request after new login state");
-            await sleep(100);
-            return axios(config as AxiosRequestConfig);
-          } else {
-            console.warn("Cannot retry request as login is still not required");
-            useSnackbar().openErrorMessage({
-              title: "Authentication bug",
-              fullSubtitle:
-                "Authentication was not required, but the server returned authentication error. This is a bug.",
-            });
-            return;
-          }
-        } else {
-          console.warn("Login was required and 401 was thrown");
-        }
+      // If this is called on AppLoader and failing, poll it if status 0
+      await authStore.checkLoginRequired();
 
-        // Login required, so check expiry
-      } else if (response.status === HttpStatusCode.Forbidden) {
-        await useRouter().push({ name: RouteNames.LackingPermission });
+      const success = await authStore.verifyOrRefreshLoginOnce();
+      if (success) {
+        console.debug("Redoing request", config?.url);
+        return axios(config as AxiosRequestConfig);
       }
+
+      console.error("401 Unauthorized");
+
+      return error;
     }
   );
   return instance;
diff --git a/src/store/auth.store.ts b/src/store/auth.store.ts
index ba469b78..a1a0e7bb 100644
--- a/src/store/auth.store.ts
+++ b/src/store/auth.store.ts
@@ -29,7 +29,7 @@ export const useAuthStore = defineStore("auth", {
           return this.loginRequired;
         })
         .catch((e: AxiosError) => {
-          console.error("authRequired: failed to check login required", e.code);
+          console.error("authRequired: failed to check login required", e.response?.status);
           throw e;
         });
     },
@@ -45,12 +45,28 @@ export const useAuthStore = defineStore("auth", {
         });
     },
     logout() {
+      console.debug("Logging out");
       this.setIdToken(null);
       this.setRefreshToken(null);
-      console.warn("Logged out");
     },
-    async verifyLogin() {
-      return await AuthService.verifyLogin();
+    async verifyOrRefreshLoginOnce() {
+      try {
+        await AuthService.verifyLogin();
+        return true;
+      } catch (e1) {
+        const canRefresh = this.hasAuthToken && this.isLoginExpired && this.hasRefreshToken;
+        if (canRefresh) {
+          try {
+            await this.refreshLoginToken();
+            await AuthService.verifyLogin();
+          } catch (e2) {
+            return false;
+          }
+          return true;
+        } else {
+          return false;
+        }
+      }
     },
     loadTokens() {
       const tokenRef = useLocalStorage<string | null>("token", null);
@@ -58,23 +74,29 @@ export const useAuthStore = defineStore("auth", {
       this.token = tokenRef.value;
       this.refreshToken = refreshTokenRef.value;
     },
-    async refreshTokens() {
+    async refreshLoginToken() {
       if (!this.refreshToken) {
-        throw new Error("refreshTokens: no refresh token");
+        throw new Error("refreshLoginToken: no refresh token");
       }
       return await AuthService.refreshLogin(this.refreshToken)
         .then((response) => {
-          this.setIdToken(response.data.token);
+          if (response?.data?.token) {
+            this.setIdToken(response.data.token);
+          }
+
+          return true;
         })
         .catch((e: AxiosError) => {
-          if (e.status == HttpStatusCode.Unauthorized) {
+          if (e.response?.status == HttpStatusCode.Unauthorized) {
             this.setTokens(null, null);
-            console.error("refreshTokens: authentication error, failed to refresh tokens", e.code);
+            console.error(
+              "refreshLoginToken: authentication error, failed to refresh tokens",
+              e.response?.status
+            );
           } else {
             console.error(
-              "refreshTokens: unknown error, failed to refresh tokens",
-              e.status,
-              e.code
+              "refreshLoginToken: unknown error, failed to refresh tokens",
+              e.response?.status
             );
           }
           throw e;
diff --git a/src/store/profile.store.ts b/src/store/profile.store.ts
index e9e4a893..edf00806 100644
--- a/src/store/profile.store.ts
+++ b/src/store/profile.store.ts
@@ -1,5 +1,4 @@
 import { defineStore } from "pinia";
-import { AxiosError } from "axios";
 import { UserService } from "@/backend/user.service";
 
 interface State {
@@ -12,13 +11,9 @@ export const useProfileStore = defineStore("profile", {
   }),
   actions: {
     async getProfile() {
-      return await UserService.getProfile()
-        .then((response) => {
-          this.username = response.username;
-        })
-        .catch((e: AxiosError) => {
-          console.log("getProfile: failed to get profile", e.code);
-        });
+      return await UserService.getProfile().then((response) => {
+        this.username = response.username;
+      });
     },
   },
 });

From bf36b884ee246d694d39fd2996d52fae82331fa9 Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 23:07:32 +0200
Subject: [PATCH 07/10] fix: prevent AppLoader from crashing refresh on already
 routed login page

---
 src/AppLoader.vue | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 3718c9b9..29621dc8 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -82,6 +82,7 @@ loginEventKey.on(() => {
 });
 
 onUnmounted(() => {
+  authFailKey.reset();
   loginEventKey.reset();
   if (socketIoClient) {
     socketIoClient.disconnect();
@@ -108,7 +109,9 @@ onBeforeMount(async () => {
   if (!refreshSuccess) {
     setOverlay(true, "Login expired, going back to login");
     await sleep(500);
-    await router.push({ name: RouteNames.Login });
+    if (router.currentRoute.name !== RouteNames.Login) {
+      await router.push({ name: RouteNames.Login });
+    }
     setOverlay(false);
     // Dont load app as it will be redirected to login
     return;

From 7cec00b84e69ca1805c59ca327f2337542977422 Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 23:11:26 +0200
Subject: [PATCH 08/10] fix: typo

---
 src/AppLoader.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 29621dc8..6f27928d 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -11,7 +11,7 @@
     <slot v-if="!overlay" />
   </span>
 </template>
-v
+
 <script lang="ts" setup>
 import { onBeforeMount, onUnmounted, ref } from "vue";
 import GridLoader from "./components/Generic/Loaders/GridLoader.vue";

From 196a2907343503b8042f14e93e99ed418a25220f Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sat, 26 Aug 2023 23:31:58 +0200
Subject: [PATCH 09/10] fix: improve login form layout, handle AppLoader late
 auth issues just in case

---
 src/AppLoader.vue                  | 16 ++++++++++-
 src/components/Login/LoginForm.vue | 44 ++++++++++++++++++++++++------
 src/components/Login/LoginView.vue |  5 ++--
 src/store/auth.store.ts            |  2 +-
 4 files changed, 54 insertions(+), 13 deletions(-)

diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 6f27928d..1c38e52c 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -46,10 +46,24 @@ function setOverlay(overlayEnabled: boolean, message: string = "") {
   overlay.value = overlayEnabled;
 }
 
+async function routeToLoginSafely() {
+  setOverlay(true, "Login expired, going back to login");
+  await sleep(500);
+  if (router.currentRoute.name !== RouteNames.Login) {
+    await router.push({ name: RouteNames.Login });
+  }
+  setOverlay(false);
+}
+
 async function loadAppWithAuthentication() {
   try {
     authStore.loadTokens();
-    await authStore.verifyOrRefreshLoginOnce();
+    const success = await authStore.verifyOrRefreshLoginOnce();
+    if (!success) {
+      // This should not happen, but if it does, go to login
+      return routeToLoginSafely();
+    }
+
     await settingsStore.loadSettings();
     await featureStore.loadFeatures();
     await profileStore.getProfile();
diff --git a/src/components/Login/LoginForm.vue b/src/components/Login/LoginForm.vue
index dce720f9..2972c0d1 100644
--- a/src/components/Login/LoginForm.vue
+++ b/src/components/Login/LoginForm.vue
@@ -5,7 +5,7 @@
         class="d-flex flex-column align-content-center"
         md4
         sm8
-        style="max-width: 450px; margin-top: 15%"
+        style="max-width: 450px; margin-top: 10%"
         xs12
       >
         <div class="d-flex flex-column align-center">
@@ -22,7 +22,7 @@
             <strong>Monster</strong>
           </v-toolbar-title>
 
-          <v-toolbar-title class="mt-lg-10 mt-sm-10"> Login to your account</v-toolbar-title>
+          <v-toolbar-title class="mt-lg-6 mt-sm-5"> Login to your account</v-toolbar-title>
           <v-card-subtitle class="grey--text">
             Welcome back! Please enter your details
           </v-card-subtitle>
@@ -31,12 +31,12 @@
         <v-card class="elevation-4 pa-4" style="border-radius: 10px">
           <v-card-text>
             <v-form>
+              <label> Username </label>
               <v-text-field
                 v-model="username"
-                :rules="['required', 'min:4', 'max:20']"
                 autofocus
-                label="Username"
                 name="login"
+                placeholder="Username"
                 prepend-icon="person"
                 type="text"
                 @keyup.enter="formIsDisabled || login()"
@@ -44,18 +44,29 @@
               <v-text-field
                 id="password"
                 v-model="password"
-                :rules="['required', 'min:8', 'max:20']"
+                :append-icon="showPassword ? 'visibility' : 'visibility_off'"
+                :type="showPassword ? 'text' : 'password'"
                 label="Password"
                 name="password"
                 password
                 prepend-icon="lock"
-                type="password"
+                @click:append="showPassword = !showPassword"
                 @keyup.enter="formIsDisabled || login()"
               ></v-text-field>
+              <v-alert v-if="errorMessage" class="mt-6" color="error" dense outlined>
+                {{ errorMessage }}
+              </v-alert>
             </v-form>
           </v-card-text>
           <v-card-actions>
-            <v-btn class="pa-4" color="primary" large style="width: 100%" @click="login()">
+            <v-btn
+              class="pa-4"
+              :loading="loading"
+              color="primary"
+              large
+              style="width: 100%"
+              @click="login()"
+            >
               Login
             </v-btn>
           </v-card-actions>
@@ -71,12 +82,16 @@ import { useAuthStore } from "@/store/auth.store";
 import { useRoute, useRouter } from "vue-router/composables";
 import { useEventBus } from "@vueuse/core";
 import { useSnackbar } from "@/shared/snackbar.composable";
+import { AxiosError } from "axios";
 
 const authStore = useAuthStore();
+const errorMessage = ref("");
 const username = ref("");
+const showPassword = ref(false);
 const password = ref("");
 const router = useRouter();
 const route = useRoute();
+const loading = ref(false);
 const loginEvent = useEventBus("auth:login");
 const snackbar = useSnackbar();
 
@@ -86,14 +101,27 @@ const formIsDisabled = computed(() => {
 
 async function login() {
   try {
+    loading.value = true;
     await authStore.login(username.value, password.value);
+    loading.value = false;
   } catch (e) {
+    loading.value = false;
+    if ((e as AxiosError)?.response?.status === 401) {
+      errorMessage.value = "Invalid credentials";
+      return;
+    }
+
     snackbar.openErrorMessage({
-      title: "Could not log you in",
+      title: "Error logging in",
+      fullSubtitle: "Please test your connection and try again.",
     });
+
     return;
   }
 
+  errorMessage.value = "";
+
+  // Trigger AppLoader
   loginEvent.emit(true);
 
   const routePath = route.query.redirect;
diff --git a/src/components/Login/LoginView.vue b/src/components/Login/LoginView.vue
index eeb59f0f..2325874a 100644
--- a/src/components/Login/LoginView.vue
+++ b/src/components/Login/LoginView.vue
@@ -19,9 +19,8 @@ const authStore = useAuthStore();
 onMounted(async () => {
   authStore.loadTokens();
   await authStore.checkLoginRequired();
-  await authStore.verifyOrRefreshLoginOnce();
-
-  if (authStore.hasAuthToken || authStore.loginRequired === false) {
+  const success = await authStore.verifyOrRefreshLoginOnce();
+  if (success || authStore.loginRequired === false) {
     const routePath = route.query.redirect;
 
     if (!routePath) {
diff --git a/src/store/auth.store.ts b/src/store/auth.store.ts
index a1a0e7bb..1a77af11 100644
--- a/src/store/auth.store.ts
+++ b/src/store/auth.store.ts
@@ -40,7 +40,7 @@ export const useAuthStore = defineStore("auth", {
           return response.data;
         })
         .catch((e: AxiosError) => {
-          console.error("login: failed to login", e.code);
+          console.error("login: failed to login", e.response?.status);
           throw e;
         });
     },

From 017a728bf48a1f94f1a789e2104f3390b2eb27ba Mon Sep 17 00:00:00 2001
From: David Zwart <davidzwa@gmail.com>
Date: Sun, 27 Aug 2023 01:44:42 +0200
Subject: [PATCH 10/10] fix: handle login errors by logging out with event,
 handle PermissionDenied with event

---
 src/App.vue                                   |  8 +-
 src/AppLoader.vue                             | 53 ++++++++-----
 .../Generic/Snackbars/AppErrorSnackbar.vue    | 16 +---
 src/components/Login/LackingPermission.vue    | 25 -------
 src/components/Login/LoginForm.vue            | 28 ++++++-
 src/components/Login/LoginView.vue            | 38 ----------
 src/components/Login/PermissionDenied.vue     | 75 +++++++++++++++++++
 src/main.ts                                   | 18 ++++-
 src/router/index.ts                           |  8 +-
 src/router/route-names.ts                     |  2 +-
 src/shared/http-client.ts                     | 37 +++++++--
 src/shared/snackbar.composable.ts             |  1 -
 src/store/auth.store.ts                       | 40 +++++-----
 src/store/floor.store.ts                      |  1 +
 src/store/printer.store.ts                    |  4 +
 15 files changed, 218 insertions(+), 136 deletions(-)
 delete mode 100644 src/components/Login/LackingPermission.vue
 create mode 100644 src/components/Login/PermissionDenied.vue

diff --git a/src/App.vue b/src/App.vue
index be2a752a..825ddf5d 100644
--- a/src/App.vue
+++ b/src/App.vue
@@ -5,8 +5,12 @@
     <AppProgressSnackbar />
     <AlertErrorDialog />
 
-    <NavigationDrawer v-if="authStore.hasAuthToken || !authStore.loginRequired" />
-    <TopBar v-if="authStore.hasAuthToken || !authStore.loginRequired" />
+    <NavigationDrawer
+      v-if="(authStore.hasAuthToken && !authStore.isLoginExpired) || !authStore.loginRequired"
+    />
+    <TopBar
+      v-if="(authStore.hasAuthToken && !authStore.isLoginExpired) || !authStore.loginRequired"
+    />
 
     <AppLoader>
       <v-main>
diff --git a/src/AppLoader.vue b/src/AppLoader.vue
index 1c38e52c..e05068b9 100644
--- a/src/AppLoader.vue
+++ b/src/AppLoader.vue
@@ -57,13 +57,6 @@ async function routeToLoginSafely() {
 
 async function loadAppWithAuthentication() {
   try {
-    authStore.loadTokens();
-    const success = await authStore.verifyOrRefreshLoginOnce();
-    if (!success) {
-      // This should not happen, but if it does, go to login
-      return routeToLoginSafely();
-    }
-
     await settingsStore.loadSettings();
     await featureStore.loadFeatures();
     await profileStore.getProfile();
@@ -74,8 +67,7 @@ async function loadAppWithAuthentication() {
     console.log("Error when loading settings.", e);
     snackbar.openErrorMessage({
       title: "Error",
-      fullSubtitle: "Error when verifying login and loading settings.",
-      subtitle: "Error when verifying login.",
+      subtitle: "Error when verifying login and loading settings.",
     });
   }
 
@@ -84,20 +76,42 @@ async function loadAppWithAuthentication() {
   setOverlay(false);
 }
 
+// In use (shared/http-client.ts)
+const authPermissionDeniedKey = useEventBus("auth:permission-denied");
+authPermissionDeniedKey.on(async (event) => {
+  console.log("[AppLoader] Permission denied, going to permission denied page");
+  setOverlay(true, "Permission denied");
+  await router.push({
+    name: RouteNames.PermissionDenied,
+    query: {
+      roles: event?.roles,
+      page: router.currentRoute.name,
+      permissions: event?.permissions,
+      error: event?.error,
+      url: event?.url,
+    },
+  });
+  setOverlay(false);
+});
+
+// Currently unused
 const authFailKey = useEventBus("auth:failure");
-authFailKey.on(() => {
-  router.push({ name: RouteNames.Login });
-  setOverlay(true);
+authFailKey.on(async () => {
+  console.debug("[AppLoader] Event received: 'auth:failure', going back to login");
+  setOverlay(true, "Authentication failed, going back to login");
+  await router.push({ name: RouteNames.Login });
+  setOverlay(false);
 });
+
+// In use (components/Login/LoginForm.vue)
 const loginEventKey = useEventBus("auth:login");
-loginEventKey.on(() => {
-  setOverlay(true);
-  loadAppWithAuthentication();
+loginEventKey.on(async () => {
+  console.debug("[AppLoader] Event received: 'auth:login', loading app");
+  setOverlay(true, "Loading app");
+  await loadAppWithAuthentication();
 });
 
 onUnmounted(() => {
-  authFailKey.reset();
-  loginEventKey.reset();
   if (socketIoClient) {
     socketIoClient.disconnect();
   }
@@ -113,14 +127,18 @@ onBeforeMount(async () => {
   }
 
   // Router will have tackled routing already
+  console.debug("[AppLoader] Checking if tokens are present");
   if (!authStore.hasAuthToken && !authStore.hasRefreshToken) {
+    console.debug("[AppLoader] No tokens present, hiding overlay as router will have handled it");
     return setOverlay(false);
   }
 
   // What if refreshToken is not present or not valid?
   setOverlay(true, "Refreshing login");
+  console.debug("[AppLoader] Verifying or refreshing login once");
   const refreshSuccess = await authStore.verifyOrRefreshLoginOnce();
   if (!refreshSuccess) {
+    console.debug("[AppLoader] No success refreshing");
     setOverlay(true, "Login expired, going back to login");
     await sleep(500);
     if (router.currentRoute.name !== RouteNames.Login) {
@@ -131,6 +149,7 @@ onBeforeMount(async () => {
     return;
   }
 
+  console.debug("[AppLoader] Loading app");
   await loadAppWithAuthentication();
 });
 </script>
diff --git a/src/components/Generic/Snackbars/AppErrorSnackbar.vue b/src/components/Generic/Snackbars/AppErrorSnackbar.vue
index 9405dd3d..ce92e4aa 100644
--- a/src/components/Generic/Snackbars/AppErrorSnackbar.vue
+++ b/src/components/Generic/Snackbars/AppErrorSnackbar.vue
@@ -22,17 +22,7 @@
         <div>
           <span class="font-weight-bold text-button">{{ snackbarTitle }}</span>
           <div v-if="snackbarSubtitle?.length">
-            {{ expandError && fullSubtitle?.length ? fullSubtitle : snackbarSubtitle }}
-            <br />
-            <v-btn
-              v-if="fullSubtitle?.length && fullSubtitle?.length < 35"
-              class="float-end"
-              icon
-              @click="expandError = !expandError"
-            >
-              <v-icon v-if="!expandError">expand_more</v-icon>
-              <v-icon v-if="expandError">expand_less</v-icon>
-            </v-btn>
+            {{ snackbarSubtitle }}
           </div>
         </div>
       </v-col>
@@ -43,7 +33,6 @@
         </v-btn>
       </v-col>
     </v-row>
-    <v-row v-if="expandError"></v-row>
   </v-snackbar>
 </template>
 <script lang="ts" setup>
@@ -53,16 +42,13 @@ import { onMounted, ref } from "vue";
 const snackbar = useSnackbar();
 const snackbarTimeout = ref(-1);
 const snackbarOpened = ref(false);
-const expandError = ref(false);
 const snackbarTitle = ref("");
 const snackbarSubtitle = ref("");
-const fullSubtitle = ref("");
 
 onMounted(() => {
   snackbar.onErrorMessage((data: ErrorMessage) => {
     snackbarTitle.value = data.title;
     snackbarSubtitle.value = data.subtitle ?? "";
-    fullSubtitle.value = data.fullSubtitle ?? "";
     snackbarOpened.value = true;
     snackbarTimeout.value = data.timeout ?? 10000;
   });
diff --git a/src/components/Login/LackingPermission.vue b/src/components/Login/LackingPermission.vue
deleted file mode 100644
index c1367eb4..00000000
--- a/src/components/Login/LackingPermission.vue
+++ /dev/null
@@ -1,25 +0,0 @@
-<template>
-  <v-container fill-height fluid>
-    <v-app-bar app color="secondary" dark>
-      <v-toolbar-title class="text-uppercase white--text">
-        <span class="font-weight-light">FDM</span>
-        <strong>Monster</strong>
-      </v-toolbar-title>
-    </v-app-bar>
-
-    <img
-      alt="FDM Monster Background"
-      class="grid-bg-img align-content-center"
-      src="/img/logo.svg"
-      style="opacity: 0.06"
-    />
-
-    <v-layout align-center justify-center>
-      You do not have permission to access this page. Page: <strong>FloorSettings</strong>
-
-      The following permission is required:
-      <strong>Server.FakePermission.Read</strong>
-    </v-layout>
-  </v-container>
-</template>
-<script lang="ts" setup></script>
diff --git a/src/components/Login/LoginForm.vue b/src/components/Login/LoginForm.vue
index 2972c0d1..9c16c9ca 100644
--- a/src/components/Login/LoginForm.vue
+++ b/src/components/Login/LoginForm.vue
@@ -77,7 +77,7 @@
 </template>
 
 <script lang="ts" setup>
-import { computed, ref } from "vue";
+import { computed, onMounted, ref } from "vue";
 import { useAuthStore } from "@/store/auth.store";
 import { useRoute, useRouter } from "vue-router/composables";
 import { useEventBus } from "@vueuse/core";
@@ -99,6 +99,30 @@ const formIsDisabled = computed(() => {
   return (username.value ?? "")?.length < 3 || (password.value ?? "").length < 3;
 });
 
+onMounted(async () => {
+  authStore.loadTokens();
+  await authStore.checkLoginRequired();
+  if (!authStore.hasRefreshToken) {
+    return;
+  }
+
+  const success = await authStore.verifyOrRefreshLoginOnce();
+  if (success || authStore.loginRequired === false) {
+    const routePath = route.query.redirect;
+
+    if (!routePath) {
+      console.debug("LoginView, no query param, redirecting to home");
+      await router.push({ name: "Home" });
+      return;
+    } else {
+      console.debug("LoginView, query param, redirecting to", routePath);
+      await router.push({
+        path: routePath as string,
+      });
+      return;
+    }
+  }
+});
 async function login() {
   try {
     loading.value = true;
@@ -113,7 +137,7 @@ async function login() {
 
     snackbar.openErrorMessage({
       title: "Error logging in",
-      fullSubtitle: "Please test your connection and try again.",
+      subtitle: "Please test your connection and try again.",
     });
 
     return;
diff --git a/src/components/Login/LoginView.vue b/src/components/Login/LoginView.vue
index 2325874a..ed25b8f9 100644
--- a/src/components/Login/LoginView.vue
+++ b/src/components/Login/LoginView.vue
@@ -7,43 +7,5 @@
 </template>
 
 <script lang="ts" setup>
-import { useAuthStore } from "@/store/auth.store";
-import { onMounted } from "vue";
 import LoginForm from "./LoginForm.vue";
-import { useRoute, useRouter } from "vue-router/composables";
-
-const route = useRoute();
-const router = useRouter();
-const authStore = useAuthStore();
-
-onMounted(async () => {
-  authStore.loadTokens();
-  await authStore.checkLoginRequired();
-  const success = await authStore.verifyOrRefreshLoginOnce();
-  if (success || authStore.loginRequired === false) {
-    const routePath = route.query.redirect;
-
-    if (!routePath) {
-      console.debug("LoginView, no query param, redirecting to home");
-      await router.push({ name: "Home" });
-      return;
-    } else {
-      console.debug("LoginView, query param, redirecting to", routePath);
-      await router.push({
-        path: routePath as string,
-      });
-      return;
-    }
-  }
-});
 </script>
-<style scoped>
-.grid-bg-img {
-  position: fixed;
-  height: 100vh;
-  top: 50vh;
-  width: 600%;
-  left: -250%;
-  filter: grayscale(100%);
-}
-</style>
diff --git a/src/components/Login/PermissionDenied.vue b/src/components/Login/PermissionDenied.vue
new file mode 100644
index 00000000..1590d331
--- /dev/null
+++ b/src/components/Login/PermissionDenied.vue
@@ -0,0 +1,75 @@
+<template>
+  <v-container fill-height fluid>
+    <v-app-bar app color="primary" dark>
+      <v-toolbar-title class="text-uppercase white--text">
+        <span class="font-weight-light">FDM</span>
+        <strong>Monster</strong>
+      </v-toolbar-title>
+    </v-app-bar>
+
+    <img
+      alt="FDM Monster Background"
+      class="grid-bg-img align-content-center"
+      src="/img/logo.svg"
+      style="opacity: 0.06"
+    />
+
+    <v-layout align-center column justify-center>
+      <v-card class="flex align-center justify-center pa-lg-16 pa-sm-10" style="width: 80%">
+        <v-card-title>
+          <v-icon class="mr-4" size="50">lock</v-icon>
+          <h3>Permission Denied</h3>
+        </v-card-title>
+        <v-card-subtitle class="mt-1">
+          You do not have permission to access a specific resource on this page.
+        </v-card-subtitle>
+
+        <v-card-text v-if="permissionProblems">
+          <div v-if="permissionProblems.page">
+            Page: <strong>{{ permissionProblems?.page }}</strong>
+          </div>
+          <div v-if="permissionProblems.permissions">
+            Required permission(s):
+            <strong v-for="perm of permissionProblems.permissions" :key="perm">{{ perm }}</strong>
+          </div>
+          <div v-if="permissionProblems.roles">
+            Usable roles:
+            <strong>{{ permissionProblems.roles?.join(", ") }}</strong>
+          </div>
+          <div v-if="permissionProblems.url">
+            Problematic API path:
+            <strong>{{ permissionProblems.url }}</strong>
+          </div>
+          <div v-if="permissionProblems.error">
+            Error:
+            <strong>{{ permissionProblems.error }}</strong>
+          </div>
+        </v-card-text>
+        <v-card-actions class="mt-6">
+          <v-btn class="align-center" color="primary" to="/" variant="elevated">
+            <v-icon class="mr-2">home</v-icon>
+            Go home
+          </v-btn>
+        </v-card-actions>
+      </v-card>
+    </v-layout>
+  </v-container>
+</template>
+<script lang="ts" setup>
+import { computed } from "vue";
+import { useRoute } from "vue-router/composables";
+
+const route = useRoute();
+
+interface PermissionDeniedQuery {
+  roles: string[];
+  permissions?: string[];
+  url?: string;
+  page?: string;
+  error?: string;
+}
+
+const permissionProblems = computed(() => {
+  return route.query as any as PermissionDeniedQuery;
+});
+</script>
diff --git a/src/main.ts b/src/main.ts
index 5c2b7ab2..d1ca18a9 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -13,6 +13,7 @@ import * as Sentry from "@sentry/vue";
 import { BrowserTracing } from "@sentry/vue";
 import BaseDialog from "@/components/Generic/Dialogs/BaseDialog.vue";
 import { useSnackbar } from "./shared/snackbar.composable";
+import { AxiosError } from "axios";
 
 Vue.config.productionTip = false;
 Vue.config.silent = true;
@@ -49,11 +50,22 @@ Vue.use(VueRouter);
 Vue.component(BaseDialog.name, BaseDialog);
 
 Vue.config.errorHandler = (err) => {
-  console.error(`An error was caught [${err.name}]:\n ${err.message}\n ${err.stack}`);
+  if (err instanceof AxiosError) {
+    console.error(
+      `An error was caught [${err.name}]:\n ${err.message}\n ${err.config?.url}\n${err.stack}`
+    );
+    useSnackbar().openErrorMessage({
+      title: "An error occurred",
+      subtitle: err.message,
+      timeout: 5000,
+    });
+    return;
+  } else {
+    console.error(`An error was caught [${err.name}]:\n ${err.message}\n ${err.stack}`);
+  }
   useSnackbar().openErrorMessage({
     title: "An error occurred",
-    subtitle: err.message?.length <= 35 ? err.message : err.message.slice(0, 23) + "...",
-    fullSubtitle: err.message,
+    subtitle: err.message,
     timeout: 5000,
   });
 };
diff --git a/src/router/index.ts b/src/router/index.ts
index 905decd8..47e82e67 100644
--- a/src/router/index.ts
+++ b/src/router/index.ts
@@ -15,7 +15,7 @@ import DiagnosticsSettings from "../components/Settings/DiagnosticsSettings.vue"
 import { useAuthStore } from "@/store/auth.store";
 import LoginView from "../components/Login/LoginView.vue";
 import NotFoundView from "../components/NotFound/NotFoundView.vue";
-import LackingPermission from "@/components/Login/LackingPermission.vue";
+import PermissionDenied from "@/components/Login/PermissionDenied.vue";
 import { RouteNames } from "@/router/route-names";
 
 const NeedsAuth = {
@@ -109,10 +109,10 @@ const routes: Array<RouteConfig> = [
     component: AboutHelp,
   },
   {
-    path: "/lacking-permission",
-    name: RouteNames.LackingPermission,
+    path: "/permission-denied",
+    name: RouteNames.PermissionDenied,
     meta: NeedsAuth,
-    component: LackingPermission,
+    component: PermissionDenied,
   },
   {
     path: "*",
diff --git a/src/router/route-names.ts b/src/router/route-names.ts
index 4aa835f4..562b4eaa 100644
--- a/src/router/route-names.ts
+++ b/src/router/route-names.ts
@@ -5,6 +5,6 @@ export const RouteNames = {
   Settings: "Settings",
   PrintStatistics: "Print Statistics",
   About: "About",
-  LackingPermission: "LackingPermission",
+  PermissionDenied: "PermissionDenied",
   NotFound: "NotFound",
 };
diff --git a/src/shared/http-client.ts b/src/shared/http-client.ts
index fd6e4e45..558381dc 100644
--- a/src/shared/http-client.ts
+++ b/src/shared/http-client.ts
@@ -1,5 +1,6 @@
 import axios, { AxiosError, AxiosRequestConfig, HttpStatusCode } from "axios";
 import { useAuthStore } from "@/store/auth.store";
+import { useEventBus } from "@vueuse/core";
 
 /**
  * Made async for future possibility of getting base URI externally or asynchronously
@@ -52,17 +53,34 @@ export async function getHttpClient(withAuth: boolean = true, autoHandle401: boo
       const { response, config } = error;
       if (!response) {
         console.error("No response was returned by axios", error);
-        return Promise.reject(error);
+        return Promise.reject({
+          message: `No response was returned by axios - URL ${config?.url}`,
+          stack: error.stack,
+        });
       }
 
-      if (![HttpStatusCode.Unauthorized, HttpStatusCode.Unauthorized].includes(response.status)) {
+      if (![HttpStatusCode.Unauthorized, HttpStatusCode.Forbidden].includes(response.status)) {
         // Timeout issues etc?
         console.error("Error in axios response interceptor which is not 401 or 403", error);
-        return Promise.reject(error);
+        return Promise.reject({
+          message: `${error.message} - URL ${config?.url}`,
+          stack: error.stack,
+        });
       }
 
       if (response.status === HttpStatusCode.Forbidden) {
-        console.error("403 Forbidden");
+        const data = error?.response?.data as {
+          error?: string;
+          roles?: string[];
+          permissions?: string[];
+        };
+        console.error("403 Forbidden", data);
+        useEventBus("auth:permission-denied").emit({
+          roles: data?.roles,
+          permissions: data?.permissions,
+          error: data?.error,
+          url: config?.url,
+        });
         return Promise.reject(error);
       }
 
@@ -72,15 +90,20 @@ export async function getHttpClient(withAuth: boolean = true, autoHandle401: boo
       // If this is called on AppLoader and failing, poll it if status 0
       await authStore.checkLoginRequired();
 
+      // If this fails, the server is just confused
       const success = await authStore.verifyOrRefreshLoginOnce();
       if (success) {
-        console.debug("Redoing request", config?.url);
+        console.debug("Redoing request without interceptors", config?.url);
         return axios(config as AxiosRequestConfig);
       }
 
-      console.error("401 Unauthorized");
+      console.error("[HttpClient] 401 Unauthorized - emitting 'auth:failure'");
+      useEventBus("auth:failure").emit({
+        url: config?.url,
+        error: error.message,
+      });
 
-      return error;
+      return Promise.reject(error);
     }
   );
   return instance;
diff --git a/src/shared/snackbar.composable.ts b/src/shared/snackbar.composable.ts
index 5a9b5f3d..3a92bf01 100644
--- a/src/shared/snackbar.composable.ts
+++ b/src/shared/snackbar.composable.ts
@@ -20,7 +20,6 @@ export interface InfoMessage {
 export interface ErrorMessage {
   title: string;
   subtitle?: string | null;
-  fullSubtitle?: string | null;
   timeout?: number;
   // The idea is that the error can be revisited on a separate page/dialog
   // url?: string;
diff --git a/src/store/auth.store.ts b/src/store/auth.store.ts
index 1a77af11..8eb9feab 100644
--- a/src/store/auth.store.ts
+++ b/src/store/auth.store.ts
@@ -3,15 +3,14 @@ import { useJwt } from "@vueuse/integrations/useJwt";
 import type { JwtPayload } from "jwt-decode";
 import { AuthService, type Tokens } from "@/backend/auth.service";
 import { AxiosError, HttpStatusCode } from "axios";
-import { RemovableRef, useLocalStorage } from "@vueuse/core";
 
 export interface IClaims extends JwtPayload {
   name: string;
 }
 
 export interface AuthState {
-  refreshToken: RemovableRef<string> | null;
-  token: RemovableRef<string> | null;
+  refreshToken: string | null;
+  token: string | null;
   loginRequired: boolean | null;
 }
 
@@ -46,16 +45,15 @@ export const useAuthStore = defineStore("auth", {
     },
     logout() {
       console.debug("Logging out");
-      this.setIdToken(null);
-      this.setRefreshToken(null);
+      this.setIdToken(undefined);
+      this.setRefreshToken(undefined);
     },
     async verifyOrRefreshLoginOnce() {
       try {
         await AuthService.verifyLogin();
         return true;
       } catch (e1) {
-        const canRefresh = this.hasAuthToken && this.isLoginExpired && this.hasRefreshToken;
-        if (canRefresh) {
+        if (this.hasRefreshToken) {
           try {
             await this.refreshLoginToken();
             await AuthService.verifyLogin();
@@ -69,10 +67,8 @@ export const useAuthStore = defineStore("auth", {
       }
     },
     loadTokens() {
-      const tokenRef = useLocalStorage<string | null>("token", null);
-      const refreshTokenRef = useLocalStorage<string | null>("refreshToken", null);
-      this.token = tokenRef.value;
-      this.refreshToken = refreshTokenRef.value;
+      this.token = localStorage.getItem("token");
+      this.refreshToken = localStorage.getItem("refreshToken");
     },
     async refreshLoginToken() {
       if (!this.refreshToken) {
@@ -88,7 +84,7 @@ export const useAuthStore = defineStore("auth", {
         })
         .catch((e: AxiosError) => {
           if (e.response?.status == HttpStatusCode.Unauthorized) {
-            this.setTokens(null, null);
+            this.setTokens(undefined, undefined);
             console.error(
               "refreshLoginToken: authentication error, failed to refresh tokens",
               e.response?.status
@@ -102,23 +98,25 @@ export const useAuthStore = defineStore("auth", {
           throw e;
         });
     },
-    setTokens(token: string | null, refreshToken: string | null) {
+    setTokens(token?: string, refreshToken?: string) {
       this.setIdToken(token);
       this.setRefreshToken(refreshToken);
     },
-    setIdToken(token: string | null) {
-      if (token == null) {
+    setIdToken(token?: string) {
+      if (!token?.length) {
         localStorage.removeItem("token");
+      } else {
+        localStorage.setItem("token", token as string);
+        this.token = token;
       }
-      localStorage.setItem("token", token as string);
-      this.token = token;
     },
-    setRefreshToken(refreshToken: string | null) {
-      if (refreshToken == null) {
+    setRefreshToken(refreshToken?: string) {
+      if (!refreshToken?.length) {
         localStorage.removeItem("refreshToken");
+      } else {
+        localStorage.setItem("refreshToken", refreshToken as string);
+        this.refreshToken = refreshToken;
       }
-      localStorage.setItem("refreshToken", refreshToken as string);
-      this.refreshToken = refreshToken;
     },
   },
   getters: {
diff --git a/src/store/floor.store.ts b/src/store/floor.store.ts
index 356e9020..fe87cb01 100644
--- a/src/store/floor.store.ts
+++ b/src/store/floor.store.ts
@@ -78,6 +78,7 @@ export const useFloorStore = defineStore("Floors", {
       return data;
     },
     saveFloors(floors: Floor[]) {
+      if (!floors?.length) return;
       this.floors = floors.sort((f, f2) => f.floor - f2.floor);
       const floorId = this.selectedFloor?._id;
       const foundFloor = this.floors.find((f) => f._id === floorId);
diff --git a/src/store/printer.store.ts b/src/store/printer.store.ts
index 22b1bdff..d4636af8 100644
--- a/src/store/printer.store.ts
+++ b/src/store/printer.store.ts
@@ -97,6 +97,10 @@ export const usePrinterStore = defineStore("Printers", {
       return data;
     },
     setPrinters(printers: Printer[]) {
+      if (!printers?.length) {
+        this.printers = [];
+        return;
+      }
       const viewedPrinterId = this.sideNavPrinter?.id;
       if (viewedPrinterId) {
         this.sideNavPrinter = printers.find((p) => p.id === viewedPrinterId);