volto icon indicating copy to clipboard operation
volto copied to clipboard
verified publisher icon plone

7397 invalid login credentials 401 issue

Open aryan7081 opened this issue 1 month ago • 2 comments

Main Fix: #7649

When login fails with 401 Unauthorised, the loader continues spinning and no error message is displayed to the user. This happened because the hydration check in middleware/api.js was blocking LOGIN_FAIL dispatch for all actions during hydration, not just GET_CONTENT. Since isHydrating is true on initial page load and hasExistingError is undefined for static routes like /login, the error handler returned early without dispatching LOGIN_FAIL, leaving the loader in a perpetual loading state.

This fix restricts the hydration check to only apply to GET_CONTENT actions, allowing user-initiated actions like LOGIN to always dispatch their _FAIL actions. Additionally, LOGIN is added to actions_raising_api_errors config to enable proper 401 error handling.

aryan7081 avatar Nov 17 '25 03:11 aryan7081

@aryan7081 Thanks for the analysis and fix. However we like to merge fixes first to the main branch (Volto 19) and then backport to other branches if necessary. Could you please rebase this on main (or open a different PR)?

davisagli avatar Nov 20 '25 05:11 davisagli

@davisagli Raised #7649 against main. I'll backport after that merge. Thanks!

aryan7081 avatar Nov 21 '25 14:11 aryan7081

Closing this as fixed here https://github.com/plone/volto/pull/7737

aryan7081 avatar Dec 19 '25 14:12 aryan7081