From 102546e45dbce450f23c1e5297bf6e27a64d71c2 Mon Sep 17 00:00:00 2001
From: tigattack <10629864+tigattack@users.noreply.github.com>
Date: Sat, 27 Sep 2025 01:49:33 +0100
Subject: [PATCH] fix(frontend): eliminate duplicate API calls during log
 in/out

---
 frontend/src/contexts/AuthContext.jsx | 14 ++++++--------
 frontend/src/pages/Login.jsx          | 18 ++++++------------
 2 files changed, 12 insertions(+), 20 deletions(-)

diff --git a/frontend/src/contexts/AuthContext.jsx b/frontend/src/contexts/AuthContext.jsx
index cc86e6e..7f31e12 100644
--- a/frontend/src/contexts/AuthContext.jsx
+++ b/frontend/src/contexts/AuthContext.jsx
@@ -95,14 +95,6 @@ export const AuthProvider = ({ children }) => {
 		}
 	}, [fetchPermissions]);
 
-	// Refresh permissions when user logs in (no automatic refresh)
-	useEffect(() => {
-		if (token && user) {
-			// Only refresh permissions once when user logs in
-			refreshPermissions();
-		}
-	}, [token, user, refreshPermissions]);
-
 	const login = async (username, password) => {
 		try {
 			const response = await fetch("/api/v1/auth/login", {
@@ -116,6 +108,12 @@ export const AuthProvider = ({ children }) => {
 			const data = await response.json();
 
 			if (response.ok) {
+				// Check if TFA is required
+				if (data.requiresTfa) {
+					return { success: true, requiresTfa: true };
+				}
+
+				// Regular successful login
 				setToken(data.token);
 				setUser(data.user);
 				localStorage.setItem("token", data.token);
diff --git a/frontend/src/pages/Login.jsx b/frontend/src/pages/Login.jsx
index 4c9cb2f..a0c76a3 100644
--- a/frontend/src/pages/Login.jsx
+++ b/frontend/src/pages/Login.jsx
@@ -67,23 +67,17 @@ const Login = () => {
 		setError("");
 
 		try {
-			const response = await authAPI.login(
-				formData.username,
-				formData.password,
-			);
+			// Use the AuthContext login function which handles everything
+			const result = await login(formData.username, formData.password);
 
-			if (response.data.requiresTfa) {
+			if (result.requiresTfa) {
 				setRequiresTfa(true);
 				setTfaUsername(formData.username);
 				setError("");
+			} else if (result.success) {
+				navigate("/");
 			} else {
-				// Regular login successful
-				const result = await login(formData.username, formData.password);
-				if (result.success) {
-					navigate("/");
-				} else {
-					setError(result.error || "Login failed");
-				}
+				setError(result.error || "Login failed");
 			}
 		} catch (err) {
 			setError(err.response?.data?.error || "Login failed");