From 21b70cccfdfa3b7056516a716646bc1dd67f5682 Mon Sep 17 00:00:00 2001
From: Jonathan Harris <github@marginal.org.uk>
Date: Thu, 17 Jan 2019 16:01:54 +0000
Subject: [PATCH] Force re-authentication on 4xx return from cAPI

Fixes #398
---
 companion.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/companion.py b/companion.py
index bcf23797..e4cda4d8 100644
--- a/companion.py
+++ b/companion.py
@@ -343,15 +343,16 @@ class Session:
             if __debug__: print_exc()
             raise ServerError()
 
-        if r.url.startswith(SERVER_AUTH):
-           # Redirected back to Auth server - force full re-authentication
+        if 400 <= r.status_code < 500 or r.url.startswith(SERVER_AUTH):
+           # Client error or redirected back to Auth server - force full re-authentication
             self.dump(r)
             self.invalidate()
             self.login()
             raise CredentialsError()
         elif 500 <= r.status_code < 600:
+            # Server error. Typically 500 "Internal Server Error" if server is down
             self.dump(r)
-            raise ServerError()	# Typically 500 "Internal Server Error" if server is down
+            raise ServerError()
 
         try:
             data = r.json()	# Will fail here if token expired since response is empty