Fix authentication validation to properly reject invalid CalDAV servers

- Backend: Enhance CalDAV discovery to require at least one valid 207 response - Backend: Fail authentication if no valid CalDAV endpoints are found - Frontend: Add token verification on app startup to validate stored tokens - Frontend: Clear invalid tokens when login fails or token verification fails - Frontend: Prevent users with invalid tokens from accessing calendar page This resolves the issue where invalid servers (like google.com) were incorrectly accepted as valid CalDAV servers, and ensures proper authentication flow. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-09-04 16:06:18 -04:00
parent b16603b50b
commit 8329244c69
4 changed files with 107 additions and 4 deletions
--- a/backend/src/calendar.rs
+++ b/backend/src/calendar.rs
@@ -580,14 +580,34 @@ impl CalDAVClient {

        let mut all_calendars = Vec::new();

+        let mut has_valid_caldav_response = false;
+
        for path in discovery_paths {
            println!("Trying discovery path: {}", path);
-            if let Ok(calendars) = self.discover_calendars_at_path(&path).await {
-                println!("Found {} calendar(s) at {}", calendars.len(), path);
-                all_calendars.extend(calendars);
+            match self.discover_calendars_at_path(&path).await {
+                Ok(calendars) => {
+                    println!("Found {} calendar(s) at {}", calendars.len(), path);
+                    has_valid_caldav_response = true;
+                    all_calendars.extend(calendars);
+                }
+                Err(CalDAVError::ServerError(status)) => {
+                    // HTTP error - this might be expected for some paths, continue trying
+                    println!("Discovery path {} returned HTTP {}, trying next path", path, status);
+                }
+                Err(e) => {
+                    // Network or other error - this suggests the server isn't reachable or isn't CalDAV
+                    println!("Discovery failed for path {}: {:?}", path, e);
+                    return Err(e);
+                }
            }
        }

+        // If we never got a valid CalDAV response (e.g., all requests failed), 
+        // this is likely not a CalDAV server
+        if !has_valid_caldav_response {
+            return Err(CalDAVError::ServerError(404));
+        }
+
        // Remove duplicates
        all_calendars.sort();
        all_calendars.dedup();