From 13a3d16ffc88845d7bc65fb0778da9aaff53b653 Mon Sep 17 00:00:00 2001 From: nsfisis Date: Sat, 2 May 2026 11:31:42 +0900 Subject: feat(auth): clear local IndexedDB and sync state on explicit logout Wipe Dexie databases (main + CRDT sync state) and reset the sync queue when the user explicitly logs out so the next account on the same device starts from a clean local store. Session expiry deliberately keeps local data intact so a returning user finds their offline work waiting. Co-Authored-By: Claude Opus 4.7 (1M context) --- src/client/atoms/auth.ts | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'src/client/atoms/auth.ts') diff --git a/src/client/atoms/auth.ts b/src/client/atoms/auth.ts index 9ee69cf..1ddfd53 100644 --- a/src/client/atoms/auth.ts +++ b/src/client/atoms/auth.ts @@ -3,6 +3,7 @@ import { atomWithStorage } from "jotai/utils"; import { useEffect } from "react"; import { useLocation } from "wouter"; import { apiClient, type User } from "../api/client"; +import { clearAllLocalData } from "../db/clear"; // userAtom is the single source of truth for auth state. Persisted to // localStorage so that the authenticated user survives page reloads alongside @@ -27,8 +28,12 @@ export const loginAtom = atom( }, ); -// Action atom - logout -export const logoutAtom = atom(null, (_get, set) => { +// Action atom - logout. Wipes locally persisted user-scoped data so the next +// user (or a fresh re-login) starts from a clean IndexedDB. Session expiry +// (handled in useAuthInit) intentionally keeps local data so the user finds +// their offline work waiting after re-authenticating. +export const logoutAtom = atom(null, async (_get, set) => { + await clearAllLocalData(); apiClient.logout(); set(userAtom, null); }); -- cgit v1.3.1