mirror of https://github.com/bitwarden/browser synced 2025-12-16 08:13:42 +00:00

fix(Multi-Account-Logout: [Auth/PM-19555] Fix multi account logout on lock screens not redirecting properly (#14630)

* PM-19555 - LogoutService - build abstraction, default, and extension service and register with service modules

* PM-19555 - Lock Comp - use logoutService

* PM-19555 - LoginDecryptionOptions - Use logout service which removed need for extension-login-decryption-options.service

* PM-19555 - AccountSwitcher logic update - (1) Use logout service + redirect guard routing (2) Remove logout method from account switcher service (3) use new NewActiveUser type

* PM-19555 - Extension - Acct Switcher comp - clean up TODOs

* PM-19555 - Add TODOs for remaining tech debt

* PM-19555 - Add tests for new logout services.

* PM-19555 - Extension - LoginInitiated - show acct switcher b/c user is AuthN

* PM-19555 - Add TODO to replace LogoutCallback with LogoutService

* PM-19555 WIP

* PM-19555 - Extension App Comp - account switching to account in TDE locked state works now.

* PM-19555 - Extension App Comp - add docs

* PM-19555 - Extension App Comp - add early return

* PM-19555 - Desktop App Comp - add handling for TDE lock case to switch account logic.

* PM-19555 - Extension - Account Component - if account unlocked go to vault

* PM-19555 - Per PR feedback, clean up unnecessary nullish coalescing operator.

* PM-19555 - Extension - AppComponent - fix everHadUserKey merge issue

* PM-19555 - PR feedback - refactor switchAccount and locked message handling on browser & desktop to require user id. I audited all callsites for both to ensure this *shouldn't* error.
Jared Snider
2025-06-13 13:22:04 -04:00
committed by GitHub
parent b6f402faa8
commit bfb0b874ed
23 changed files with 334 additions and 211 deletions


@@ -10,6 +10,7 @@ import { catchError, defer, firstValueFrom, from, map, of, switchMap, throwError
import { JslibModule } from "@bitwarden/angular/jslib.module";
import {
LoginEmailServiceAbstraction,
LogoutService,
UserDecryptionOptions,
UserDecryptionOptionsServiceAbstraction,
} from "@bitwarden/auth/common";
@@ -109,6 +110,7 @@ export class LoginDecryptionOptionsComponent implements OnInit {
private toastService: ToastService,
private userDecryptionOptionsService: UserDecryptionOptionsServiceAbstraction,
private validationService: ValidationService,
private logoutService: LogoutService,
) {
this.clientType = this.platformUtilsService.getClientType();
}
@@ -156,19 +158,17 @@ export class LoginDecryptionOptionsComponent implements OnInit {
}
private async handleMissingEmail() {
// TODO: PM-15174 - the solution for this bug will allow us to show the toast on app re-init after
// the user has been logged out and the process reload has occurred.
this.toastService.showToast({
variant: "error",
title: null,
message: this.i18nService.t("activeUserEmailNotFoundLoggingYouOut"),
});
setTimeout(async () => {
// We can't simply redirect to `/login` because the user is authed and the unauthGuard
// will prevent navigation. We must logout the user first via messagingService, which
// redirects to `/`, which will be handled by the redirectGuard to navigate the user to `/login`.
// The timeout just gives the user a chance to see the error toast before process reload runs on logout.
await this.loginDecryptionOptionsService.logOut();
}, 5000);
await this.logoutService.logout(this.activeAccountId);
// navigate to root so redirect guard can properly route next active user or null user to correct page
await this.router.navigate(["/"]);
}
private observeAndPersistRememberDeviceValueChanges() {
@@ -312,7 +312,9 @@ export class LoginDecryptionOptionsComponent implements OnInit {
const userId = (await firstValueFrom(this.accountService.activeAccount$))?.id;
if (confirmed) {
this.messagingService.send("logout", { userId: userId });
await this.logoutService.logout(userId);
// navigate to root so redirect guard can properly route next active user or null user to correct page
await this.router.navigate(["/"]);
}
}
}
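Review bot: In the last hunk `userId` is read with `(await firstValueFrom(this.accountService.activeAccount$))?.id`, so it can be `undefined`, and it is then passed unchecked to `this.logoutService.logout(userId)`. What `LogoutService.logout` does with a missing id is not visible on this page, and if the call rejects, `this.router.navigate(["/"])` never runs, so on a multi-account client the session would stay authenticated on this screen with no feedback. I would make the no-account case explicit, for example `if (confirmed && userId != null) {`, decide deliberately what happens otherwise, and apply the same check to `this.activeAccountId` before the `logout` call in `handleMissingEmail`. The method in the last hunk starts outside the lines shown, so an earlier guard may already exist there.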


@@ -3,8 +3,4 @@ export abstract class LoginDecryptionOptionsService {
* Handles client-specific logic that runs after a user was successfully created
*/
abstract handleCreateUserSuccess(): Promise<void | null>;
/**
* Logs the user out
*/
abstract logOut(): Promise<void>;
}