From f36f5f13f4b10657a5d53a46b4895e86b6a5e817 Mon Sep 17 00:00:00 2001
From: Nan Yu <nan@getoutline.com>
Date: Mon, 4 Jul 2022 01:47:44 -0700
Subject: [PATCH] Fix: clear localstore after logout (#3731)

* fix: remove user, team, and policies from auth store and localstorage on logout

* true up the reset everywhere
---
 app/stores/AuthStore.ts | 16 +++++++---------
 1 file changed, 7 insertions(+), 9 deletions(-)

diff --git a/app/stores/AuthStore.ts b/app/stores/AuthStore.ts
index da47ae944..d05551a7f 100644
--- a/app/stores/AuthStore.ts
+++ b/app/stores/AuthStore.ts
@@ -204,6 +204,7 @@ export default class AuthStore {
     runInAction("AuthStore#updateUser", () => {
       this.user = null;
       this.team = null;
+      this.policies = [];
       this.token = null;
     });
   };
@@ -259,14 +260,6 @@ export default class AuthStore {
 
     client.post(`/auth.delete`);
 
-    // remove user and team from localStorage
-    Storage.set(AUTH_STORE, {
-      user: null,
-      team: null,
-      policies: [],
-    });
-    this.token = null;
-
     // if this logout was forced from an authenticated route then
     // save the current path so we can go back there once signed in
     if (savePath) {
@@ -290,7 +283,12 @@ export default class AuthStore {
       setCookie("sessions", JSON.stringify(sessions), {
         domain: getCookieDomain(window.location.hostname),
       });
-      this.team = null;
     }
+
+    // clear all credentials from cache (and local storage via autorun)
+    this.user = null;
+    this.team = null;
+    this.policies = [];
+    this.token = null;
   };
 }