fix(auth): fully clear profile on logout (no stale name/gender after sign-out)
The mock service intentionally KEPT the persisted profile (hokm.profile) on signOut, and getProfile() reloads it — so after logout the previous user's name/gender/avatar resurrected from localStorage. Now signOut clears the in-memory + persisted profile, and the SignalR service also clears its mock fallback so the post-logout guest profile is fresh. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
@@ -341,8 +341,11 @@ export class MockOnlineService implements OnlineService {
|
|||||||
|
|
||||||
async signOut() {
|
async signOut() {
|
||||||
this.session = null;
|
this.session = null;
|
||||||
if (isBrowser()) localStorage.removeItem(LS.session);
|
this.profile = null; // forget the profile so the next sign-in / guest starts clean
|
||||||
// keep profile so progress persists across sign-ins on the same device
|
if (isBrowser()) {
|
||||||
|
localStorage.removeItem(LS.session);
|
||||||
|
localStorage.removeItem(LS.profile);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* ----------------------------- profile ----------------------------- */
|
/* ----------------------------- profile ----------------------------- */
|
||||||
|
|||||||
@@ -233,6 +233,7 @@ export class SignalrService implements OnlineService {
|
|||||||
this.token = null;
|
this.token = null;
|
||||||
this.cachedProfile = null; // drop the signed-in profile so it can't leak post-logout
|
this.cachedProfile = null; // drop the signed-in profile so it can't leak post-logout
|
||||||
if (typeof window !== "undefined") localStorage.removeItem(LS_SESSION);
|
if (typeof window !== "undefined") localStorage.removeItem(LS_SESSION);
|
||||||
|
await this.mock.signOut(); // also clear the guest/fallback profile (hokm.profile)
|
||||||
await this.conn?.stop();
|
await this.conn?.stop();
|
||||||
this.conn = null;
|
this.conn = null;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user