🐛 Bug: Occasional very long Dashboard loading times (likely cookie/auth-related)

[bitbacchus]

🐛 Bug: Occasional very long Dashboard loading times (likely cookie/auth-related)

Summary

Some users occasionally experience very long loading times on the Dashboard (appears like a “hang” / endless loading). In these cases, opening Recapp in an incognito/private window or using a different browser usually fixes the problem immediately, suggesting a client-side state issue (cookies / auth / cached state) rather than pure server load.

Affected area

• Frontend: packages/frontend → Dashboard page (routing via src/App.tsx, state via ts-actors-react actors like LocalUserActor, TokenActor, etc.).
• Backend: auth/cookie/JWT flow and any Dashboard list endpoints/subscriptions (Koa + actor system).

Observed behavior

• Dashboard load sometimes takes extremely long (minutes / effectively stuck).
• No obvious user action triggers it; it happens “occasionally”.
• Workaround: incognito window or different browser loads quickly.

Expected behavior

• Dashboard should consistently load within a few seconds, or fail fast with a clear error (e.g., “session expired, please log in again”).

Hypotheses (ranked)

1. Corrupted/stale auth cookie / JWT refresh loop

   • Backend uses JWT cookies for auth; a stale/invalid cookie may cause repeated retries or a failed refresh path that never resolves client-side.

2. Temporary-account / fingerprint mismatch

   • Temporary accounts rely on a browser fingerprint; if cookies + fingerprint get out of sync, the backend might reject/loop in a way the UI doesn’t surface.

3. Frontend actor state stuck (e.g., TokenActor / LocalUserActor never reaches “ready”)

   • If some “auth ready” gate blocks the Dashboard queries/subscriptions, the UI may wait forever.

Steps to reproduce

Not sure, yet. I'll have a look at the server logs.

What to capture when it happens

Client-side

• Browser console logs (errors + warnings).

• Network tab (HAR if possible):

  • Requests that repeat / never complete (especially anything auth-related and the Dashboard list calls).
  • Response codes (401/403/5xx) and Set-Cookie behavior.

Server-side

• Backend logs around the time of the hang:

  • auth routes / token refresh / session endpoints
  • dashboard list endpoints or actor subscription setup

• If available: correlate with request IDs.

Suggested investigation plan

1. Add structured logging around:

   • frontend: Token/auth readiness + Dashboard fetch/subscription start/end
   • backend: auth cookie validation + refresh path + “who am I”/session lookup

2. Detect and handle infinite retry:

   • if auth fails (401/403), force logout or show “session expired” with a “Log in again” button instead of spinning forever

3. Add a minimal reproduction script/checklist for testers (clear cookies vs. incognito comparison).

Acceptance criteria

• Dashboard no longer “hangs” indefinitely:

  • Either loads successfully, or shows a clear actionable error within a bounded time.

• If cookie/auth is invalid, the app reliably transitions to a logged-out state and prompts for login.

Notes

• This issue is likely connected to Recapp’s cookie/JWT auth mechanism and browser-specific state, given that incognito/different browser mitigates it.
• If this occurs on the test server only, include the server URL/build SHA; note that feature branches auto-deploy to the test server after push.