maxim.dolgolyov/Learn_System
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(auth): include avatar_url in login response + lazy refresh stale cache

Browse Source 
Login was only returning {id, email, name, role}, so localStorage.ls_user
never had avatar_url for sessions started before today — and the sidebar
fell back to initials forever. Fixes:

  • login response now includes avatar_url
  • renderNavAvatar detects 'undefined' (cache predates the field) vs
    'null' (verified absent) and fires a one-shot /auth/me refresh in
    the background, then re-paints. Self-healing for existing sessions
    without forcing re-login.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Maxim Dolgolyov
2026-05-29 15:07:16 +03:00
parent 4423a72635
commit eb19ce3cf9
2 changed files with 25 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/src/controllers/authController.js
+2 -2
View File
@@ -51,7 +51,7 @@ async function login(req, res, next) {
return res.status(400).json({ error: 'email and password are required' });
const user = db.prepare(
'SELECT id, email, name, role, password_hash, token_version FROM users WHERE email = ?'
'SELECT id, email, name, role, password_hash, token_version, avatar_url FROM users WHERE email = ?'
).get(email);
if (!user || !(await bcrypt.compare(password, user.password_hash)))
@@ -60,7 +60,7 @@ async function login(req, res, next) {
db.prepare("UPDATE users SET last_login = datetime('now') WHERE id = ?").run(user.id);
const token = signToken(user);
res.json({ token, user: { id: user.id, email: user.email, name: user.name, role: user.role } });
res.json({ token, user: { id: user.id, email: user.email, name: user.name, role: user.role, avatar_url: user.avatar_url } });
} catch (err) { next(err); }
}