fix(auth): restore login and logout flow

- Clear React Query user cache on logout (auth.ts + logoutLocal in authStore) to prevent stale user data in Header/useUser after disconnect - Fix LoginPage redirect: user was removed from persist (Action 4.1.1.5), so parsed.state?.user was always undefined and redirect never triggered. Use isAuthenticated directly as source of truth. - Close Header user menu on logout for cleaner UX
2026-02-23 09:54:05 +01:00 · 2026-02-23 09:54:05 +01:00 · fa7fc7031e
commit fa7fc7031e
parent 4b1509d8f0
4 changed files with 16 additions and 12 deletions
--- a/apps/web/src/components/layout/Header.tsx
+++ b/apps/web/src/components/layout/Header.tsx
@ -37,6 +37,7 @@ export function Header(_props: HeaderProps) {
  const navigate = useNavigate();

  const handleLogout = async () => {
+    setIsUserMenuOpen(false);
    await logout();
    navigate('/login');
  };
--- a/apps/web/src/features/auth/pages/LoginPage.tsx
+++ b/apps/web/src/features/auth/pages/LoginPage.tsx
@ -60,19 +60,9 @@ export function LoginPage() {
    }
  }, []);

-  // Rediriger si déjà connecté (mais attendre que le chargement soit terminé)
+  // Rediriger si déjà connecté (user data géré par React Query, pas dans persist)
  if (isAuthenticated && !isLoading && !loading) {
-    const stored = localStorage.getItem('auth-storage');
-    if (stored) {
-      try {
-        const parsed = JSON.parse(stored);
-        if (parsed.state?.user && parsed.state?.isAuthenticated) {
-          return <Navigate to="/dashboard" replace />;
-        }
-      } catch {
-        // Continue, pas encore persisté
-      }
-    }
+    return <Navigate to="/dashboard" replace />;
  }

  const validateField = (
--- a/apps/web/src/features/auth/store/authStore.ts
+++ b/apps/web/src/features/auth/store/authStore.ts
@ -12,6 +12,7 @@ import {
 } from '@/services/api/auth';
 import { TokenStorage } from '@/services/tokenStorage';
 import { csrfService } from '@/services/csrf';
+import { getQueryClient } from '@/utils/queryClientSingleton';
 import { broadcastSync } from '@/utils/broadcastSync';
 import { logger } from '@/utils/logger';
 import type { ApiError } from '@/schemas/apiSchemas';
@ -206,6 +207,12 @@ export const useAuthStore = create<AuthStore>()(
          // Supprimer le token CSRF
          csrfService.clearToken();

+          // Clear React Query user cache
+          const qc = getQueryClient();
+          if (qc) {
+            qc.removeQueries({ queryKey: ['user', 'me'] });
+          }
+
          // Nettoyer l'état
          set({
            isAuthenticated: false,
--- a/apps/web/src/services/api/auth.ts
+++ b/apps/web/src/services/api/auth.ts
@ -7,6 +7,7 @@ import {
  initializeProactiveRefresh,
  cleanupProactiveRefresh,
 } from '../tokenRefresh';
+import { getQueryClient } from '@/utils/queryClientSingleton';
 import { logger } from '@/utils/logger';
 import type { User } from '@/types';

@ -344,6 +345,11 @@ export async function logout(): Promise<void> {
    cleanupProactiveRefresh();
    // Supprimer tokens du storage
    TokenStorage.clearTokens();
+    // Clear React Query user cache to avoid stale user data after logout
+    const qc = getQueryClient();
+    if (qc) {
+      qc.removeQueries({ queryKey: ['user', 'me'] });
+    }
  }
 }