diff --git a/src/lib/stores/auth.js b/src/lib/stores/auth.js index e2dd8179..1f98d48c 100644 --- a/src/lib/stores/auth.js +++ b/src/lib/stores/auth.js @@ -77,6 +77,8 @@ export const useAuthStore = create((set, get) => ({ } return { error: 'Session expired' }; } catch { + localStorage.removeItem('qrypt_session'); + localStorage.removeItem('supabase.auth.token'); return { error: 'Failed to get session' }; } }, diff --git a/tests/stores/auth.test.js b/tests/stores/auth.test.js index 5ed50372..ef784c15 100644 --- a/tests/stores/auth.test.js +++ b/tests/stores/auth.test.js @@ -47,6 +47,19 @@ describe('Auth Store (Zustand)', () => { expect(result.success).toBe(false); }); + it('clears corrupted stored session data', async () => { + window.localStorage.getItem.mockImplementation((key) => { + if (key === 'qrypt_session') return 'not-json'; + return null; + }); + + const result = await useAuthStore.getState().getCurrentSession(); + + expect(result.error).toBe('Failed to get session'); + expect(window.localStorage.removeItem).toHaveBeenCalledWith('qrypt_session'); + expect(window.localStorage.removeItem).toHaveBeenCalledWith('supabase.auth.token'); + }); + it('logs out and clears user state', async () => { useAuthStore.setState({ user: { id: '123', username: 'test' } }); await useAuthStore.getState().logout();