From 0eaf8b5f01e50d3887ce92991acaf98e7da91381 Mon Sep 17 00:00:00 2001
From: root <root@UberPC.>
Date: Sat, 7 Feb 2026 20:34:53 -0800
Subject: [PATCH] fix: refresh login options when OIDC client is re-initialized

The GetLoginOptions response was cached in a OnceLock, meaning it was
computed once at startup and never updated. When the OIDC client was
re-initialized (e.g. after config changes), the login options endpoint
would still return the stale cached value, causing the UI to show
outdated OIDC button state.

Replace the static OnceLock cache with a function that reads the
current OIDC client state on each request, so the response always
reflects whether OIDC is currently available.

Also add a 30-second polling interval to the frontend's login options
query so the login page picks up server-side changes without requiring
a hard refresh.

Fixes #1022
---
 bin/core/src/api/auth.rs  | 27 +++++++++++----------------
 frontend/src/lib/hooks.ts |  1 +
 2 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/bin/core/src/api/auth.rs b/bin/core/src/api/auth.rs
index 9ba89dfef..53ce698a7 100644
--- a/bin/core/src/api/auth.rs
+++ b/bin/core/src/api/auth.rs
@@ -1,4 +1,4 @@
-use std::{sync::OnceLock, time::Instant};
+use std::time::Instant;
 
 use axum::{Router, extract::Path, http::HeaderMap, routing::post};
 use derive_variants::{EnumVariants, ExtractVariant};
@@ -108,20 +108,15 @@ async fn handler(
   res.map(|res| res.0)
 }
 
-fn login_options_reponse() -> &'static GetLoginOptionsResponse {
-  static GET_LOGIN_OPTIONS_RESPONSE: OnceLock<
-    GetLoginOptionsResponse,
-  > = OnceLock::new();
-  GET_LOGIN_OPTIONS_RESPONSE.get_or_init(|| {
-    let config = core_config();
-    GetLoginOptionsResponse {
-      local: config.local_auth,
-      github: github_oauth_client().is_some(),
-      google: google_oauth_client().is_some(),
-      oidc: oidc_client().load().is_some(),
-      registration_disabled: config.disable_user_registration,
-    }
-  })
+fn login_options_response() -> GetLoginOptionsResponse {
+  let config = core_config();
+  GetLoginOptionsResponse {
+    local: config.local_auth,
+    github: github_oauth_client().is_some(),
+    google: google_oauth_client().is_some(),
+    oidc: oidc_client().load().is_some(),
+    registration_disabled: config.disable_user_registration,
+  }
 }
 
 impl Resolve<AuthArgs> for GetLoginOptions {
@@ -130,7 +125,7 @@ impl Resolve<AuthArgs> for GetLoginOptions {
     self,
     _: &AuthArgs,
   ) -> serror::Result<GetLoginOptionsResponse> {
-    Ok(*login_options_reponse())
+    Ok(login_options_response())
   }
 }
 
diff --git a/frontend/src/lib/hooks.ts b/frontend/src/lib/hooks.ts
index 23931f5bd..ad01515c6 100644
--- a/frontend/src/lib/hooks.ts
+++ b/frontend/src/lib/hooks.ts
@@ -123,6 +123,7 @@ export const useLoginOptions = () => {
   return useQuery({
     queryKey: ["GetLoginOptions"],
     queryFn: () => komodo_client().auth("GetLoginOptions", {}),
+    refetchInterval: 30_000,
   });
 };