Memory leak in OAuth authentication flow #1125
Description
Description:
Memory leak in OAuth authentication flow where event listeners and interval timers are not cleaned up when login succeeds. The cleanup only happens when the popup is manually closed by the user.
Steps to reproduce:
- Enable OAuth authentication (
authFlow: 'OAUTH') - Click the login button to trigger
loginWithRocketChatOAuth() - Complete OAuth login successfully
- Check browser's event listeners and active intervals
Expected behavior:
After successful OAuth login, both the message event listener and the interval timer should be immediately removed from memory.
Actual behavior:
The event listener on window and setInterval continue running even after successful login. They only get cleaned up when the interval detects the popup is closed (up to 1 second delay), and if timing is unlucky, they may persist indefinitely. This causes memory leaks when users authenticate multiple times in a session.
Additionally, if the user closes the OAuth popup without completing login, the promise never resolves or rejects, leaving the app in a hanging state.