1 Commits

Author SHA1 Message Date
AmirReza Jamali 231d800b47 Fix AuthInterceptor replay logout-on-transient-error + add tests
Address PR re-review findings:
- Only a 401 on the replay falls through to logout; other DioExceptions
  (timeout, connection drop, 5xx) now propagate so a flaky network can't
  wipe a valid session and callers see the real error.
- Skip the refresh when the failed request's bearer no longer matches the
  stored one (a concurrent refresh already rotated it) and replay directly.
- Guard _logout() with a _loggingOut flag so the auth-failed callback fires
  once per burst rather than once per concurrent caller.

Add unit tests (fake Dio adapter + mocked prefs) covering the retry guard,
single-flight refresh, and non-401 replay propagation paths.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-13 16:20:23 +03:30