Unable to have a normal conversation with the agent in the chat box after token expiration

[llinvokerl]

Self Checks

• This is only for bug report, if you would like to ask a question, please head to Discussions.
• I have searched for existing issues search for existing issues, including closed ones.
• I confirm that I am using English to submit this report (我已阅读并同意 Language Policy).
• [FOR CHINESE USERS] 请务必使用英文提交 Issue，否则会被关闭。谢谢！:）
• Please do not modify this template :) and fill in all the required fields.

Dify version

0.11.2

Cloud or Self Hosted

Self Hosted (Source)

Steps to reproduce

1. Modify the environment variable ACCESS_TOKEN_EXPIRE_MINUTES to "1", so the access token will expire in 1 minute.
2. Enter the agent's Debug and Preview interface and send a message, triggering the /chat-messages API.
3. Wait 1 minute for the token to expire, then send another message, calling /chat-messages again.

After completing the steps mentioned above, the browser starts an infinite loop, alternately calling /refresh-token and /chat-messages, while the chat box continually shows the agent as "speaking."

This issue occurs because, after the frontend receives a 401 unauthorized response from the /chat-messages call, it requests a token refresh. However, when it calls /chat-messages again, it doesn't use the new token. Since the old token has expired, it still gets a 401 unauthorized response from /chat-messages. As a result, the frontend keeps requesting /refresh-token, but this effort is in vain.

✔️ Expected Behavior

After using /refresh-token, it's necessary to explicitly use the updated token when calling /chat-messages again.

❌ Actual Behavior

[dosubot]

To resolve the issue where the chat box enters an infinite loop of calling /refresh-token and /chat-messages after token expiration, ensure that the new token is being used for subsequent requests after a successful token refresh. Here are some steps to consider:

1. Update Token Usage: After obtaining a new access token, make sure it is updated in local storage and used for all subsequent API requests. Verify that the code correctly updates the console_token and refresh_token in local storage and that these updated tokens are used in the headers of the /chat-messages API call.

2. Check 401 Responses: If a 401 response is received after a token refresh, ensure that the new token is being used. If the old token is still being used, it will lead to repeated token refresh attempts.

3. Avoid Infinite Loops: Ensure that the token refresh logic is separate from the main fetch logic to prevent it from triggering another refresh inadvertently. This separation helps avoid infinite loops.

4. Debugging: Add logging or debugging statements to confirm that the new token is being set and used correctly in the /chat-messages request.

5. Error Handling: Implement error handling to manage cases where the token refresh fails, such as prompting the user to re-login if necessary.

These steps should help in resolving the issue by ensuring that the new token is correctly utilized after a refresh ^[1].

To continue talking to Dosu, mention @dosu.