fix: address all PR review comments

- HTTPClient: replace isRefreshing bool with shared Task to safely coalesce concurrent 401 refresh attempts; surface JSON serialization error instead of silently dropping request body - AuthService.logout: always clear Keychain tokens via defer, even when refresh token is absent, preventing stale access token - NotificationsAPIService: remove updateAppBadge (UIKit call moved to @MainActor NotificationsViewModel); drop unused UIKit import - NotificationsViewModel: guard startPolling() against duplicate tasks; update badge directly on @MainActor instead of hopping to actor - VerifyEmailView: replace Timer (never invalidated) with async Task cancelled in .onDisappear - NotificationsView: use Text(date, style: .relative) — auto-updates without custom formatter; remove duplicate Date extension - SettingsView: handle logoutAll errors explicitly with alert instead of silently proceeding with local logout - MaydayLiveActivity/Info.plist: add NSExtensionPrincipalClass so the widget extension is discoverable by the system - Live Activity widget: replace frozen duration(from:) with Text(date, style: .timer); replace frozen relativeFormatted with Text(date, style: .relative); localize status badge to Russian Co-authored-by: robonen <26167508+robonen@users.noreply.github.com>
2026-03-13 23:29:19 +00:00
parent 9259a3693a
commit 597787a6c9
9 changed files with 91 additions and 78 deletions
@@ -52,9 +52,11 @@ actor AuthService {
    }

    func logout() async throws {
+        // Always clear local tokens, regardless of whether the network call succeeds,
+        // to avoid leaving a stale access token in Keychain.
+        defer { keychain.clearTokens() }
        guard let refreshToken = keychain.loadRefreshToken() else { return }
        let _: EmptyResponse = try await client.request(.logout(refreshToken: refreshToken))
-        keychain.clearTokens()
    }

    func getMe() async throws -> UserResponse {
@@ -122,7 +122,8 @@ actor HTTPClient {

    private let baseURL: String
    private let keychain = KeychainService.shared
-    private var isRefreshing = false
+    // Single in-flight refresh task; concurrent 401s await this rather than racing.
+    private var refreshTask: Task<Void, Error>?

    private init() {
        #if DEBUG
@@ -133,8 +134,7 @@ actor HTTPClient {
    }

    func request<T: Decodable>(_ endpoint: Endpoint) async throws -> T {
-        let response: T = try await performRequest(endpoint, retryOnUnauthorized: endpoint.requiresAuth)
-        return response
+        try await performRequest(endpoint, retryOnUnauthorized: endpoint.requiresAuth)
    }

    private func performRequest<T: Decodable>(_ endpoint: Endpoint, retryOnUnauthorized: Bool) async throws -> T {
@@ -160,7 +160,11 @@ actor HTTPClient {
                    urlRequest.url = components.url
                }
            } else {
-                urlRequest.httpBody = try? JSONSerialization.data(withJSONObject: body)
+                do {
+                    urlRequest.httpBody = try JSONSerialization.data(withJSONObject: body)
+                } catch {
+                    throw APIError.networkError(error)
+                }
            }
        }

@@ -175,10 +179,12 @@ actor HTTPClient {
            throw APIError.networkError(URLError(.badServerResponse))
        }

-        if httpResponse.statusCode == 401 && retryOnUnauthorized && !isRefreshing {
-            isRefreshing = true
-            defer { isRefreshing = false }
-            try await refreshTokens()
+        if httpResponse.statusCode == 401 && retryOnUnauthorized {
+            do {
+                try await ensureTokenRefreshed()
+            } catch {
+                throw APIError.unauthorized
+            }
            return try await performRequest(endpoint, retryOnUnauthorized: false)
        }

@@ -210,15 +216,35 @@ actor HTTPClient {
        }
    }

-    private func refreshTokens() async throws {
+    /// Ensures tokens are refreshed exactly once even when multiple requests receive 401
+    /// concurrently. All callers await the same Task; only one network request is made.
+    private func ensureTokenRefreshed() async throws {
+        if let existing = refreshTask {
+            try await existing.value
+            return
+        }
+
        guard let refreshToken = keychain.loadRefreshToken() else {
+            keychain.clearTokens()
            throw APIError.unauthorized
        }
-        let response: TokenRefreshResponse = try await performRequest(
-            .refresh(refreshToken: refreshToken),
-            retryOnUnauthorized: false
-        )
-        try keychain.saveTokens(response.tokens)
+
+        let task = Task<Void, Error> {
+            let response: TokenRefreshResponse = try await self.performRequest(
+                .refresh(refreshToken: refreshToken),
+                retryOnUnauthorized: false
+            )
+            try self.keychain.saveTokens(response.tokens)
+        }
+        refreshTask = task
+        do {
+            try await task.value
+            refreshTask = nil
+        } catch {
+            refreshTask = nil
+            keychain.clearTokens()
+            throw error
+        }
    }
 }

@@ -1,5 +1,4 @@
 import Foundation
-import UIKit

 actor NotificationsAPIService {
    static let shared = NotificationsAPIService()
@@ -31,10 +30,6 @@ actor NotificationsAPIService {
    func changePassword(current: String, new: String) async throws -> UserResponse {
        try await client.request(.changePassword(current: current, new: new))
    }
-
-    func updateAppBadge(_ count: Int) async {
-        await UIApplication.shared.setApplicationIconBadgeNumber(count)
-    }
 }

 struct LogoutAllResponse: Decodable {
@@ -1,5 +1,6 @@
 import Foundation
 import SwiftUI
+import UIKit

@MainActor
 class NotificationsViewModel: ObservableObject {
@@ -70,8 +71,8 @@ class NotificationsViewModel: ObservableObject {
    }

    func startPolling() {
-        // Polling always reloads page 1 to pick up new notifications.
-        // Users who have scrolled to older pages will have the list reset on each interval.
+        // Guard against starting a second polling loop if already running.
+        guard pollingTask == nil else { return }
        pollingTask = Task {
            while !Task.isCancelled {
                try? await Task.sleep(for: .seconds(30))
@@ -88,8 +89,6 @@ class NotificationsViewModel: ObservableObject {

    private func updateBadge() {
        let unreadCount = notifications.filter { !$0.isRead }.count
-        Task {
-            await service.updateAppBadge(unreadCount)
-        }
+        UIApplication.shared.applicationIconBadgeNumber = unreadCount
    }
 }
@@ -7,7 +7,7 @@ struct VerifyEmailView: View {
    @State private var codeDigits: [String] = Array(repeating: "", count: 6)
    @State private var resendCooldown = 0
    @FocusState private var focusedIndex: Int?
-    @State private var resendTimer: Timer?
+    @State private var cooldownTask: Task<Void, Never>?

    var body: some View {
        VStack(spacing: 32) {
@@ -64,6 +64,7 @@ struct VerifyEmailView: View {
        .navigationTitle("Подтверждение")
        .navigationBarTitleDisplayMode(.inline)
        .onAppear { focusedIndex = 0 }
+        .onDisappear { cooldownTask?.cancel() }
    }

    private func handleDigitChange(index: Int, value: String) {
@@ -99,21 +100,22 @@ struct VerifyEmailView: View {
    private func resendCode() async {
        do {
            try await AuthService.shared.resendCode(email: email)
-            resendCooldown = 60
-            startCooldownTimer()
+            startCooldown()
        } catch {
            authViewModel.error = error.localizedDescription
        }
    }

-    private func startCooldownTimer() {
-        resendTimer?.invalidate()
-        resendTimer = Timer.scheduledTimer(withTimeInterval: 1, repeats: true) { _ in
-            if resendCooldown > 0 {
-                resendCooldown -= 1
-            } else {
-                resendTimer?.invalidate()
+    private func startCooldown() {
+        cooldownTask?.cancel()
+        cooldownTask = Task {
+            for remaining in stride(from: 60, through: 1, by: -1) {
+                guard !Task.isCancelled else { return }
+                resendCooldown = remaining
+                try? await Task.sleep(for: .seconds(1))
            }
+            guard !Task.isCancelled else { return }
+            resendCooldown = 0
        }
    }
 }
@@ -104,7 +104,7 @@ struct NotificationRowView: View {
                Text(notification.subject)
                    .font(.body)
                    .fontWeight(notification.isRead ? .regular : .semibold)
-                Text(notification.createdAt.relativeFormatted)
+                Text(notification.createdAt, style: .relative)
                    .font(.caption)
                    .foregroundStyle(.secondary)
            }
@@ -114,15 +114,3 @@ struct NotificationRowView: View {
        .padding(.vertical, 4)
    }
 }
-
-extension Date {
-    var relativeFormatted: String {
-        Date.relativeDateTimeFormatter.localizedString(for: self, relativeTo: Date())
-    }
-
-    private static let relativeDateTimeFormatter: RelativeDateTimeFormatter = {
-        let formatter = RelativeDateTimeFormatter()
-        formatter.locale = Locale(identifier: "ru_RU")
-        return formatter
-    }()
-}
@@ -7,6 +7,7 @@ struct SettingsView: View {
    @State private var showChangePassword = false
    @State private var showSessions = false
    @State private var showLogoutAllConfirm = false
+    @State private var logoutAllError: String?

    var body: some View {
        NavigationStack {
@@ -81,12 +82,27 @@ struct SettingsView: View {
            ) {
                Button("Выйти везде", role: .destructive) {
                    Task {
-                        _ = try? await NotificationsAPIService.shared.logoutAll()
-                        await authViewModel.logout()
+                        do {
+                            _ = try await NotificationsAPIService.shared.logoutAll()
+                            await authViewModel.logout()
+                        } catch {
+                            logoutAllError = error.localizedDescription
+                        }
                    }
                }
                Button("Отмена", role: .cancel) {}
            }
+            .alert(
+                "Ошибка",
+                isPresented: Binding(
+                    get: { logoutAllError != nil },
+                    set: { if !$0 { logoutAllError = nil } }
+                )
+            ) {
+                Button("OK") { logoutAllError = nil }
+            } message: {
+                Text(logoutAllError ?? "")
+            }
            .task {
                await viewModel.loadSessions()
            }