Update: Enhanced session/token refresh & recovery

Author: BWJ2310

src/components/Header.tsx

@@ -56,11 +56,15 @@ export default function Header() {
       }
 
       try {
-        // Check running analyses
+        // Check running analyses - only fetch from last 24 hours
+        const twentyFourHoursAgo = new Date();
+        twentyFourHoursAgo.setHours(twentyFourHoursAgo.getHours() - 24);
+        
         const { data: analysisData } = await supabase
           .from('analysis_history')
           .select('id, analysis_status, is_canceled')
-          .eq('user_id', user.id);
+          .eq('user_id', user.id)
+          .gte('created_at', twentyFourHoursAgo.toISOString());
 
         if (analysisData) {
           const runningCount = analysisData.filter(item => {

src/components/PortfolioPositions.tsx

@@ -57,7 +57,6 @@ export default function PortfolioPositions({ onSelectStock, selectedStock }: Por
   const [positions, setPositions] = useState<Position[]>([]);
   const [loading, setLoading] = useState(false);
   const [error, setError] = useState<string | null>(null);
-  const [lastRefresh, setLastRefresh] = useState<Date | null>(null);
   const [showRebalanceModal, setShowRebalanceModal] = useState(false);
   const [showRebalanceDetailModal, setShowRebalanceDetailModal] = useState(false);
   const [showScheduleListModal, setShowScheduleListModal] = useState(false);
@@ -201,7 +200,6 @@ export default function PortfolioPositions({ onSelectStock, selectedStock }: Por
       });
 
       setPositions(formattedPositions);
-      setLastRefresh(new Date());
     } catch (err) {
       console.error('Error fetching positions:', err);
       const errorMessage = err instanceof Error ? err.message : 'Failed to fetch positions';
@@ -262,12 +260,31 @@ export default function PortfolioPositions({ onSelectStock, selectedStock }: Por
       }
 
       try {
+        // Only fetch analyses from the last 24 hours for checking running status
+        const twentyFourHoursAgo = new Date();
+        twentyFourHoursAgo.setHours(twentyFourHoursAgo.getHours() - 24);
+        
         const { data, error } = await supabase
           .from('analysis_history')
           .select('id, analysis_status, is_canceled')
-          .eq('user_id', user.id);
+          .eq('user_id', user.id)
+          .gte('created_at', twentyFourHoursAgo.toISOString())
+          .abortSignal(new AbortController().signal); // Add fresh signal to avoid conflicts
 
-        if (!error && data) {
+        if (error) {
+          // Handle 500 errors gracefully
+          if (error.message?.includes('500') || error.code === '500') {
+            console.warn('Server error fetching analysis history, will retry later');
+            return;
+          }
+          // Log other unexpected errors
+          if (!error.message?.includes('abort')) {
+            console.error('Error checking running analyses:', error);
+          }
+          return;
+        }
+        
+        if (data) {
           const runningCount = data.filter(item => {
             // Convert legacy numeric status if needed
             const currentStatus = typeof item.analysis_status === 'number' 
@@ -329,18 +346,32 @@ export default function PortfolioPositions({ onSelectStock, selectedStock }: Por
       }
 
       try {
+        // Only fetch rebalances from today (for checking active status)
+        const today = new Date();
+        today.setHours(0, 0, 0, 0);
+        
         // Check for active rebalance requests using centralized status logic
         const { data: allRebalances, error } = await supabase
           .from('rebalance_requests')
           .select('id, status, created_at, completed_at, rebalance_plan')
           .eq('user_id', user.id)
+          .gte('created_at', today.toISOString()) // Only today's rebalances
           .order('created_at', { ascending: false })
           .limit(10); // Get recent rebalances to check their status
 
         if (error) {
-          // Don't log permission errors when not authenticated
-          if (error.code !== '42501' && error.message !== 'permission denied for table rebalance_requests') {
-            console.warn('Error checking rebalance requests:', error);
+          // Don't log permission errors, abort errors, or auth errors
+          const isPermissionError = error.code === '42501' || error.message?.includes('permission denied');
+          const isAbortError = error.message?.includes('AbortError') || error.message?.includes('signal is aborted');
+          const isAuthError = error.message?.includes('JWT') || error.message?.includes('token') || error.code === 'PGRST301';
+          
+          if (!isPermissionError && !isAbortError && !isAuthError) {
+            // Only log unexpected errors with details
+            console.warn('Error checking rebalance requests:', {
+              code: error.code,
+              message: error.message,
+              hint: error.hint
+            });
           }
           return;
         }
@@ -499,11 +530,6 @@ export default function PortfolioPositions({ onSelectStock, selectedStock }: Por
 
             </div>
           </div>
-          {lastRefresh && (
-            <p className="text-xs text-muted-foreground">
-              Last updated: {lastRefresh.toLocaleTimeString()}
-            </p>
-          )}
           {error && (
             <p className="text-xs text-red-500 mt-1">{error}</p>
           )}

src/components/StandaloneWatchlist.tsx

@@ -302,11 +302,15 @@ export default function StandaloneWatchlist({ onSelectStock, selectedStock }: St
       // Check database for running analyses if user is authenticated
       if (user && isAuthenticated) {
         try {
-          // Get all analyses
+          // Get analyses from last 7 days (enough to show recent activity for watchlist)
+          const sevenDaysAgo = new Date();
+          sevenDaysAgo.setDate(sevenDaysAgo.getDate() - 7);
+          
           const { data, error } = await supabase
             .from('analysis_history')
             .select('ticker, analysis_status, full_analysis, is_canceled, created_at')
             .eq('user_id', user.id)
+            .gte('created_at', sevenDaysAgo.toISOString())
             .order('created_at', { ascending: false });
 
           if (!error && data) {

src/components/workflow/hooks/helpers/analysisChecker.ts

@@ -35,10 +35,15 @@ export async function checkRunningAnalyses({
   // Check database for running analyses if user is authenticated
   if (user) {
     try {
+      // Only fetch analyses from the last 24 hours (for checking running analyses)
+      const twentyFourHoursAgo = new Date();
+      twentyFourHoursAgo.setHours(twentyFourHoursAgo.getHours() - 24);
+      
       const { data, error } = await supabase
         .from('analysis_history')
         .select('ticker, analysis_status, full_analysis, created_at, id, decision, agent_insights, rebalance_request_id, is_canceled')
         .eq('user_id', user.id)
+        .gte('created_at', twentyFourHoursAgo.toISOString()) // Only last 24 hours
         .order('created_at', { ascending: false });
 
       if (!error && data) {
@@ -99,15 +104,20 @@ export async function checkRunningAnalyses({
   if (justCompleted.length > 0) {
     console.log('Analyses completed, reloading for:', justCompleted);
 
-    // Fetch the completed analysis data
+    // Fetch the completed analysis data (should be recent)
     try {
+      // Only look for analyses completed in the last hour
+      const oneHourAgo = new Date();
+      oneHourAgo.setHours(oneHourAgo.getHours() - 1);
+      
       const { data, error } = await supabase
         .from('analysis_history')
         .select('*')
         .eq('user_id', user!.id)
         .eq('is_canceled', false)
         .in('ticker', justCompleted)
         .neq('analysis_status', ANALYSIS_STATUS.CANCELLED)
+        .gte('created_at', oneHourAgo.toISOString()) // Only recent completions
         .order('created_at', { ascending: false })
         .limit(1)
         .maybeSingle();

src/lib/auth.ts

@@ -797,7 +797,7 @@ export const initializeAuth = () => {
   useAuth.getState().initialize();
 
   // Set up a periodic check to restore auth if lost (every 5 seconds)
-  const authCheckInterval = setInterval(() => {
+  const authCheckInterval = setInterval(async () => {
     const state = useAuth.getState();
 
     // Check if current JWT token is about to expire and warn user
@@ -820,8 +820,15 @@ export const initializeAuth = () => {
       }
 
       // Proactively refresh token when it has less than 10 minutes remaining
-      if (timeUntilExpiry > 0 && timeUntilExpiry < 600 && !(window as any).__tokenRefreshTriggered) {
+      // But add a cooldown to prevent multiple refresh attempts
+      const lastRefreshAttempt = (window as any).__lastTokenRefreshAttempt || 0;
+      const refreshCooldown = 60000; // 1 minute cooldown between refresh attempts
+      
+      if (timeUntilExpiry > 0 && timeUntilExpiry < 600 && 
+          !(window as any).__tokenRefreshTriggered &&
+          (Date.now() - lastRefreshAttempt) > refreshCooldown) {
         (window as any).__tokenRefreshTriggered = true;
+        (window as any).__lastTokenRefreshAttempt = Date.now();
         console.log('🔐 Token expiring in', Math.floor(timeUntilExpiry / 60), 'minutes - triggering refresh');
 
         // Trigger token refresh

src/lib/supabase.ts

@@ -13,8 +13,14 @@ if (!supabaseUrl || !supabasePublishableKey) {
   });
 }
 
-// Track rate limit status
+// Track rate limit status with exponential backoff
 let rateLimitedUntil: number = 0;
+let rateLimitBackoff: number = 30000; // Start with 30 seconds
+let consecutiveRateLimits: number = 0;
+
+// Cache for session to avoid excessive getSession calls
+let cachedSessionToken: string | null = null;
+let cachedSessionExpiry: number = 0;
 
 // Export function to check rate limit status
 export const isRateLimited = () => rateLimitedUntil > Date.now();
@@ -24,6 +30,9 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
     persistSession: true,
     autoRefreshToken: true,
     detectSessionInUrl: true,
+    // Reduce refresh frequency - only refresh when token has 1 minute left (instead of default 60 seconds)
+    // This helps prevent conflicts with our manual refresh logic
+    autoRefreshTickDuration: 60,
     // Use the default storage key that matches the project
     // This should be 'sb-lnvjsqyvhczgxvygbqer-auth-token'
     // Let Supabase handle the key automatically
@@ -55,16 +64,62 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
       // For all Supabase API calls, ensure we're using the latest session
       if (typeof url === 'string' && (url.includes('/rest/v1/') || url.includes('/functions/v1/'))) {
         try {
-          // Get the current session from auth state
-          const currentSession = await supabase.auth.getSession();
-          if (currentSession.data.session?.access_token) {
-            // Ensure the Authorization header is set with the current token
+          let accessToken = null;
+          
+          // First check our in-memory cache (valid for 5 seconds to batch rapid API calls)
+          const now = Date.now();
+          if (cachedSessionToken && cachedSessionExpiry > now) {
+            accessToken = cachedSessionToken;
+          } else {
+            // Cache expired, check localStorage next
+            const storageKey = `sb-${supabaseUrl.split('//')[1].split('.')[0]}-auth-token`;
+            const storedSession = localStorage.getItem(storageKey);
+            
+            if (storedSession) {
+              try {
+                const sessionData = JSON.parse(storedSession);
+                if (sessionData?.access_token) {
+                  // Check if token is not too expired (allow up to 2 hours expired for recovery)
+                  const payload = JSON.parse(atob(sessionData.access_token.split('.')[1]));
+                  const tokenExp = payload.exp;
+                  const nowSeconds = Math.floor(now / 1000);
+                  const timeUntilExpiry = tokenExp - nowSeconds;
+                  
+                  if (timeUntilExpiry > -7200) { // Within 2 hours of expiry
+                    accessToken = sessionData.access_token;
+                    // Cache it for 5 seconds to avoid repeated parsing
+                    cachedSessionToken = accessToken;
+                    cachedSessionExpiry = now + 5000;
+                  }
+                }
+              } catch (e) {
+                // Ignore parsing errors
+              }
+            }
+            
+            // Only call getSession if we absolutely need to (no cached or stored token)
+            // AND we're not rate limited
+            if (!accessToken && !isRateLimited()) {
+              const currentSession = await supabase.auth.getSession();
+              if (currentSession.data.session?.access_token) {
+                accessToken = currentSession.data.session.access_token;
+                // Cache it for 5 seconds
+                cachedSessionToken = accessToken;
+                cachedSessionExpiry = now + 5000;
+              }
+            }
+          }
+          
+          // Set the Authorization header if we have a token
+          if (accessToken) {
             const headers = new Headers(options.headers || {});
-            headers.set('Authorization', `Bearer ${currentSession.data.session.access_token}`);
+            headers.set('Authorization', `Bearer ${accessToken}`);
+            headers.set('apikey', supabasePublishableKey); // Also ensure API key is set
             options = { ...options, headers };
           }
         } catch (e) {
           // If getting session fails, proceed with original options
+          console.warn('Failed to add auth headers:', e);
         }
       }
       // Check if this is a token refresh request
@@ -160,13 +215,21 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
         // Check if the existing signal is already aborted
         if (options.signal.aborted) {
           clearTimeout(timeoutId);
-          console.log('Skipping fetch - existing signal already aborted');
+          // Don't log for routine aborts (component unmounts, etc)
+          if (!(window as any).__suppressAbortLogs) {
+            console.log('Skipping fetch - existing signal already aborted');
+          }
           throw new DOMException('The user aborted a request.', 'AbortError');
         }
         // Create a combined signal that aborts if either signal aborts
         const combinedController = new AbortController();
-        options.signal.addEventListener('abort', () => combinedController.abort());
-        controller.signal.addEventListener('abort', () => combinedController.abort());
+        const abortHandler = () => {
+          if (!combinedController.signal.aborted) {
+            combinedController.abort();
+          }
+        };
+        options.signal.addEventListener('abort', abortHandler, { once: true });
+        controller.signal.addEventListener('abort', abortHandler, { once: true });
         signal = combinedController.signal;
       }
 
@@ -213,11 +276,15 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
 
         // Immediately check for 429 rate limit on token refresh BEFORE returning
         if (response.status === 429 && isTokenRefresh) {
+          // Increment consecutive rate limits and apply exponential backoff
+          consecutiveRateLimits++;
+          rateLimitBackoff = Math.min(300000, 30000 * Math.pow(2, consecutiveRateLimits - 1)); // Max 5 minutes
+          
           // Set the flag IMMEDIATELY
           (window as any).__supabaseRateLimited = true;
-          // Set rate limit for 30 seconds
-          rateLimitedUntil = Date.now() + 30000;
-          console.error('🔐 Token refresh rate limited! Backing off for 30 seconds');
+          // Set rate limit with exponential backoff
+          rateLimitedUntil = Date.now() + rateLimitBackoff;
+          console.error(`🔐 Token refresh rate limited! Backing off for ${rateLimitBackoff / 1000} seconds (attempt ${consecutiveRateLimits})`);
 
           // Set a global flag so components know we're rate limited
           (window as any).__supabaseRateLimited = true;
@@ -226,6 +293,7 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
           setTimeout(async () => {
             rateLimitedUntil = 0;
             (window as any).__supabaseRateLimited = false;
+            consecutiveRateLimits = Math.max(0, consecutiveRateLimits - 1); // Gradually reduce backoff
             console.log('🔐 Rate limit cleared, token refresh can resume');
 
             // Try to restore the session if auth state was lost
@@ -300,6 +368,15 @@ export const supabase = createClient(supabaseUrl, supabasePublishableKey, {
           }
         }
 
+        // Reset rate limit counter on successful token refresh
+        if (response.ok && isTokenRefresh) {
+          consecutiveRateLimits = 0;
+          rateLimitBackoff = 30000; // Reset to initial backoff
+          // Clear the cache so next request gets fresh token
+          cachedSessionToken = null;
+          cachedSessionExpiry = 0;
+        }
+        
         return response;
       } catch (error) {
         clearTimeout(timeoutId);
@@ -457,6 +534,37 @@ export const supabaseFunctions = {
   }
 };
 
+// Helper function to manually recover session after rate limit
+export const recoverSession = async () => {
+  try {
+    // Check if we're still rate limited
+    if (rateLimitedUntil > Date.now()) {
+      console.log('🔐 Still rate limited, waiting...');
+      return false;
+    }
+    
+    // Clear rate limit flag
+    rateLimitedUntil = 0;
+    delete (window as any).__supabaseRateLimited;
+    
+    // Try to refresh the session
+    const { data, error } = await supabase.auth.refreshSession();
+    
+    if (!error && data.session) {
+      console.log('🔐 Session recovered successfully');
+      consecutiveRateLimits = 0; // Reset counter on success
+      rateLimitBackoff = 30000; // Reset backoff
+      return true;
+    } else {
+      console.error('🔐 Failed to recover session:', error);
+      return false;
+    }
+  } catch (error) {
+    console.error('🔐 Error recovering session:', error);
+    return false;
+  }
+};
+
 // Helper functions for common operations
 export const supabaseHelpers = {
   // Get or create API settings for a user (with actual API keys for settings page)