From 127b5b05353884cd6dab77f3bde7a3a5159bb391 Mon Sep 17 00:00:00 2001
From: Pranav C <pranavxc@gmail.com>
Date: Thu, 9 Feb 2023 16:34:45 +0530
Subject: [PATCH 1/3] fix(nocodb): remove acl for refresh token endpoint

Signed-off-by: Pranav C <pranavxc@gmail.com>
---
 packages/nocodb/src/lib/meta/api/userApi/userApis.ts | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
index e72f673fe1..0ce346ead7 100644
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
@@ -533,7 +533,7 @@ const mapRoutes = (router) => {
     '/user/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post('/auth/token/refresh', ncMetaAclMw(refreshToken, 'refreshToken'));
+  router.post('/auth/token/refresh', catchError(refreshToken));
 
   /* Google auth apis */
 
@@ -572,10 +572,7 @@ const mapRoutes = (router) => {
     '/api/v1/db/auth/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post(
-    '/api/v1/db/auth/token/refresh',
-    ncMetaAclMw(refreshToken, 'refreshToken')
-  );
+  router.post('/api/v1/db/auth/token/refresh', catchError(refreshToken));
   router.get(
     '/api/v1/db/auth/password/reset/:tokenId',
     catchError(renderPasswordReset)
@@ -606,10 +603,7 @@ const mapRoutes = (router) => {
     '/api/v1/auth/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post(
-    '/api/v1/auth/token/refresh',
-    ncMetaAclMw(refreshToken, 'refreshToken')
-  );
+  router.post('/api/v1/auth/token/refresh', catchError(refreshToken));
   // respond with password reset page
   router.get('/auth/password/reset/:tokenId', catchError(renderPasswordReset));
 };

From eb98bb12ad54f68686560460f73cca43f7c8f65b Mon Sep 17 00:00:00 2001
From: Pranav C <pranavxc@gmail.com>
Date: Thu, 9 Feb 2023 17:29:56 +0530
Subject: [PATCH 2/3] fix(gui): when navigate to an auth required page try to
 populate token using refresh token if user is not logged in

Signed-off-by: Pranav C <pranavxc@gmail.com>
---
 packages/nc-gui/components.d.ts               |  1 -
 .../nc-gui/components/template/Editor.vue     | 16 ++++------
 .../nc-gui/composables/useApi/interceptors.ts |  1 -
 .../nc-gui/composables/useGlobal/actions.ts   | 29 ++++++++++---------
 .../nc-gui/composables/useGlobal/index.ts     |  2 +-
 packages/nc-gui/middleware/auth.global.ts     |  6 +++-
 6 files changed, 28 insertions(+), 27 deletions(-)

diff --git a/packages/nc-gui/components.d.ts b/packages/nc-gui/components.d.ts
index 016c0125a2..18efdf47a7 100644
--- a/packages/nc-gui/components.d.ts
+++ b/packages/nc-gui/components.d.ts
@@ -81,7 +81,6 @@ declare module '@vue/runtime-core' {
     ClaritySuccessLine: typeof import('~icons/clarity/success-line')['default']
     EvaEmailOutline: typeof import('~icons/eva/email-outline')['default']
     IcBaselineMoreVert: typeof import('~icons/ic/baseline-more-vert')['default']
-    Icon: typeof import('~icons/ic/on')['default']
     IcOutlineInsertDriveFile: typeof import('~icons/ic/outline-insert-drive-file')['default']
     IcRoundEdit: typeof import('~icons/ic/round-edit')['default']
     IcRoundKeyboardArrowDown: typeof import('~icons/ic/round-keyboard-arrow-down')['default']
diff --git a/packages/nc-gui/components/template/Editor.vue b/packages/nc-gui/components/template/Editor.vue
index a6be949176..7a077e045e 100644
--- a/packages/nc-gui/components/template/Editor.vue
+++ b/packages/nc-gui/components/template/Editor.vue
@@ -501,16 +501,12 @@ async function importTemplate() {
             }
           }
         }
-        const createdTable = await $api.base.tableCreate(
-          project.value?.id as string,
-          (baseId || project.value?.bases?.[0].id)!,
-          {
-            table_name: table.table_name,
-            // leave title empty to get a generated one based on table_name
-            title: '',
-            columns: table.columns || [],
-          },
-        )
+        const createdTable = await $api.base.tableCreate(project.value?.id as string, (baseId || project.value?.bases?.[0].id)!, {
+          table_name: table.table_name,
+          // leave title empty to get a generated one based on table_name
+          title: '',
+          columns: table.columns || [],
+        })
         table.id = createdTable.id
         table.title = createdTable.title
 
diff --git a/packages/nc-gui/composables/useApi/interceptors.ts b/packages/nc-gui/composables/useApi/interceptors.ts
index 22e2c139ff..fa1cd35f09 100644
--- a/packages/nc-gui/composables/useApi/interceptors.ts
+++ b/packages/nc-gui/composables/useApi/interceptors.ts
@@ -40,7 +40,6 @@ export function addAxiosInterceptors(api: Api<any>) {
       // Logout user if token refresh didn't work or user is disabled
       if (error.config.url === '/auth/token/refresh') {
         state.signOut()
-
         return Promise.reject(error)
       }
 
diff --git a/packages/nc-gui/composables/useGlobal/actions.ts b/packages/nc-gui/composables/useGlobal/actions.ts
index 3dcddc296a..8dc1ffc849 100644
--- a/packages/nc-gui/composables/useGlobal/actions.ts
+++ b/packages/nc-gui/composables/useGlobal/actions.ts
@@ -28,19 +28,22 @@ export function useGlobalActions(state: State): Actions {
     const nuxtApp = useNuxtApp()
     const t = nuxtApp.vueApp.i18n.global.t
 
-    nuxtApp.$api.instance
-      .post('/auth/token/refresh', null, {
-        withCredentials: true,
-      })
-      .then((response) => {
-        if (response.data?.token) {
-          signIn(response.data.token)
-        }
-      })
-      .catch((err) => {
-        message.error(err.message || t('msg.error.youHaveBeenSignedOut'))
-        signOut()
-      })
+    return new Promise((resolve) => {
+      nuxtApp.$api.instance
+        .post('/auth/token/refresh', null, {
+          withCredentials: true,
+        })
+        .then((response) => {
+          if (response.data?.token) {
+            signIn(response.data.token)
+          }
+        })
+        .catch((err) => {
+          message.error(err.message || t('msg.error.youHaveBeenSignedOut'))
+          signOut()
+        })
+        .finally(resolve)
+    })
   }
 
   const loadAppInfo = async () => {
diff --git a/packages/nc-gui/composables/useGlobal/index.ts b/packages/nc-gui/composables/useGlobal/index.ts
index 31599e1cf1..81556a715c 100644
--- a/packages/nc-gui/composables/useGlobal/index.ts
+++ b/packages/nc-gui/composables/useGlobal/index.ts
@@ -53,7 +53,7 @@ export const useGlobal = createGlobalState((): UseGlobalReturn => {
         state.jwtPayload.value.exp &&
         state.jwtPayload.value.exp - 5 * 60 < state.timestamp.value / 1000
       ),
-    async (expiring) => {
+    async (expiring: boolean) => {
       if (getters.signedIn.value && state.jwtPayload.value && expiring) {
         await actions.refreshToken()
       }
diff --git a/packages/nc-gui/middleware/auth.global.ts b/packages/nc-gui/middleware/auth.global.ts
index 2fda82fe37..6bd60b4440 100644
--- a/packages/nc-gui/middleware/auth.global.ts
+++ b/packages/nc-gui/middleware/auth.global.ts
@@ -52,7 +52,11 @@ export default defineNuxtRouteMiddleware(async (to, from) => {
       return navigateTo('/signup')
     }
 
-    return navigateTo('/signin')
+    /** try generating access token using refresh token */
+    await state.refreshToken()
+
+    /** if user is still not signed in, redirect to signin page */
+    if (!state.signedIn.value) return navigateTo('/signin')
   } else if (to.meta.requiresAuth === false && state.signedIn.value) {
     /**
      * if user was turned away from non-auth page but also came from a non-auth page (e.g. user went to /signin and reloaded the page)

From 459a1802fa31d76da2defc2b5178fd0c827e34d1 Mon Sep 17 00:00:00 2001
From: Pranav C <pranavxc@gmail.com>
Date: Fri, 10 Feb 2023 15:59:33 +0530
Subject: [PATCH 3/3] fix(gui): reload table data after duplicating a column

Signed-off-by: Pranav C <pranavxc@gmail.com>
---
 packages/nc-gui/components/smartsheet/header/Menu.vue | 1 +
 1 file changed, 1 insertion(+)

diff --git a/packages/nc-gui/components/smartsheet/header/Menu.vue b/packages/nc-gui/components/smartsheet/header/Menu.vue
index bbd30a8ddb..b1fbd20a6a 100644
--- a/packages/nc-gui/components/smartsheet/header/Menu.vue
+++ b/packages/nc-gui/components/smartsheet/header/Menu.vue
@@ -162,6 +162,7 @@ const duplicateColumn = async () => {
     await getMeta(meta!.value!.id!, true)
 
     eventBus.emit(SmartsheetStoreEvents.FIELD_RELOAD)
+    reloadDataHook?.trigger()
 
     message.success(t('msg.success.columnDuplicated'))
   } catch (e) {