From 348c73a1b8484dd17806eda5cc866bec4dda99fc Mon Sep 17 00:00:00 2001
From: indigane <indigane@users.noreply.github.com>
Date: Fri, 20 Dec 2024 11:52:59 +0200
Subject: [PATCH] Change CSRF error handling to open login URL in new tab when
 necessary

---
 frontend/src/Router.tsx              | 13 ++++++++++++-
 frontend/src/common/services/apis.ts |  6 +++++-
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/frontend/src/Router.tsx b/frontend/src/Router.tsx
index 844870ac3..fc8044e41 100644
--- a/frontend/src/Router.tsx
+++ b/frontend/src/Router.tsx
@@ -1,4 +1,4 @@
-import React from "react";
+import React, {useEffect} from "react";
 import {Navigate, Route, Routes} from "react-router-dom";
 import App from "./app/App";
 import {selectIsAuthenticated} from "./app/authSlice";
@@ -36,6 +36,13 @@ export default function Router() {
         return isAuthenticated ? element : <Unauthorized />;
     };
 
+    function WindowClose() {
+        useEffect(() => {
+            window.close();
+        }, []);
+        return null;
+    }
+
     return (
         <Routes>
             <Route
@@ -148,6 +155,10 @@ export default function Router() {
                     path="logout"
                     element={isAuthenticated ? <></> : <Logout />}
                 />
+                <Route
+                    path="window-close"
+                    element={<WindowClose />}
+                />
                 <Route
                     index
                     element={<Navigate to="/housing-companies" />}
diff --git a/frontend/src/common/services/apis.ts b/frontend/src/common/services/apis.ts
index 580c43c09..bdc25afaf 100644
--- a/frontend/src/common/services/apis.ts
+++ b/frontend/src/common/services/apis.ts
@@ -69,7 +69,11 @@ const baseQueryWithReAuth: BaseQueryFn<string | FetchArgs, unknown, FetchBaseQue
         const errorMessage = (result.error?.data as {detail: string})?.detail;
         if (errorMessage?.startsWith("CSRF Failed:")) {
             hdsToast.error("CSRF Virhe. Uudelleenohjataan kirjautumissivulle.");
-            window.location.href = getSignInUrl(window.location.href);
+            setTimeout(() => {
+                // Open login in a new window/tab to avoid losing form data
+                const callBackUrl = new URL("/window-close", window.location.origin).toString();
+                window.open(getSignInUrl(callBackUrl), "_blank");
+            }, 1000);
         }
     }
     return result;