fix(RequestHandler): only reset tokens for authenticated 401s (#7508)

packages/rest/__tests__/REST.test.ts

@@ -245,7 +245,7 @@ test('Request and Response Events', async () => {
 			method: 'get',
 			path: '/request',
 			route: '/request',
-			data: { files: undefined, body: undefined },
+			data: { files: undefined, body: undefined, auth: true },
 			retries: 0,
 		}) as APIRequest,
 	);
@@ -254,7 +254,7 @@ test('Request and Response Events', async () => {
 			method: 'get',
 			path: '/request',
 			route: '/request',
-			data: { files: undefined, body: undefined },
+			data: { files: undefined, body: undefined, auth: true },
 			retries: 0,
 		}) as APIRequest,
 		expect.objectContaining({ status: 200, statusText: 'OK' }) as Response,

packages/rest/__tests__/RequestHandler.test.ts

@@ -357,9 +357,19 @@ test('Bad Request', async () => {
 });
 
 test('Unauthorized', async () => {
+	const setTokenSpy = jest.spyOn(invalidAuthApi.requestManager, 'setToken');
+
+	// Ensure authless requests don't reset the token
+	const promiseWithoutTokenClear = invalidAuthApi.get('/unauthorized', { auth: false });
+	await expect(promiseWithoutTokenClear).rejects.toThrowError('401: Unauthorized');
+	await expect(promiseWithoutTokenClear).rejects.toBeInstanceOf(DiscordAPIError);
+	expect(setTokenSpy).not.toHaveBeenCalled();
+
+	// Ensure authed requests do reset the token
 	const promise = invalidAuthApi.get('/unauthorized');
 	await expect(promise).rejects.toThrowError('401: Unauthorized');
 	await expect(promise).rejects.toBeInstanceOf(DiscordAPIError);
+	expect(setTokenSpy).toHaveBeenCalledTimes(1);
 });
 
 test('Reject on RateLimit', async () => {