@oxyhq/services 5.16.1 → 5.16.3

package/src/ui/context/OxyContext.tsx

@@ -26,6 +26,10 @@ import { getStorageKeys } from '../utils/storageHelpers';
 import { isInvalidSessionError } from '../utils/errorHandlers';
 import type { RouteName } from '../navigation/routes';
 import { showBottomSheet as globalShowBottomSheet } from '../navigation/bottomSheetManager';
+import { useQueryClient } from '@tanstack/react-query';
+import { clearQueryCache } from '../hooks/queryClient';
+import { useAccountStore } from '../stores/accountStore';
+import { KeyManager } from '../../crypto/keyManager';
 
 export interface OxyContextState {
   user: User | null;
@@ -34,6 +38,7 @@ export interface OxyContextState {
   isAuthenticated: boolean;
   isLoading: boolean;
   isTokenReady: boolean;
+  isStorageReady: boolean;
   error: string | null;
   currentLanguage: string;
   currentLanguageMetadata: ReturnType<typeof useLanguageManagement>['metadata'];
@@ -48,6 +53,7 @@ export interface OxyContextState {
   getPublicKey: () => Promise<string | null>;
   isIdentitySynced: () => Promise<boolean>;
   syncIdentity: () => Promise<User>;
+  deleteIdentityAndClearAccount: (skipBackup?: boolean, force?: boolean, userConfirmed?: boolean) => Promise<void>;
 
   // Identity sync state (reactive, from Zustand store)
   identitySyncState: {
@@ -73,6 +79,8 @@ export interface OxyContextState {
   >;
   logoutAllDeviceSessions: () => Promise<void>;
   updateDeviceName: (deviceName: string) => Promise<void>;
+  clearSessionState: () => Promise<void>;
+  clearAllAccountData: () => Promise<void>;
   oxyServices: OxyServices;
   useFollow?: UseFollowHook;
   showBottomSheet?: (screenOrConfig: RouteName | { screen: RouteName; props?: Record<string, unknown> }) => void;
@@ -182,7 +190,55 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
 
   const storageKeys = useMemo(() => getStorageKeys(storageKeyPrefix), [storageKeyPrefix]);
 
-  const { storage } = useStorage({ onError, logger });
+  const { storage, isReady: isStorageReady } = useStorage({ onError, logger });
+
+  // Identity integrity check and auto-restore on startup
+  useEffect(() => {
+    if (!storage || !isStorageReady) return;
+
+    const checkAndRestoreIdentity = async () => {
+      try {
+        const { KeyManager } = await import('../../crypto/index.js');
+        // Check if identity exists and verify integrity
+        const hasIdentity = await KeyManager.hasIdentity();
+        if (hasIdentity) {
+          const isValid = await KeyManager.verifyIdentityIntegrity();
+          if (!isValid) {
+            // Try to restore from backup
+            const restored = await KeyManager.restoreIdentityFromBackup();
+            if (restored) {
+              if (__DEV__) {
+                logger('Identity restored from backup successfully');
+              }
+            } else {
+              if (__DEV__) {
+                logger('Identity integrity check failed - user may need to restore from recovery phrase');
+              }
+            }
+          } else {
+            // Identity is valid - ensure backup is up to date
+            await KeyManager.backupIdentity();
+          }
+        } else {
+          // No identity - try to restore from backup
+          const restored = await KeyManager.restoreIdentityFromBackup();
+          if (restored && __DEV__) {
+            logger('Identity restored from backup on startup');
+          }
+        }
+      } catch (error) {
+        if (__DEV__) {
+          logger('Error during identity integrity check', error);
+        }
+        // Don't block app startup - user can recover with recovery phrase
+      }
+    };
+
+    checkAndRestoreIdentity();
+  }, [storage, isStorageReady, logger]);
+
+  // Offline queuing is now handled by TanStack Query mutations
+  // No need for custom offline queue
 
   const {
     currentLanguage,
@@ -198,6 +254,8 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     logger,
   });
 
+  const queryClient = useQueryClient();
+
   const {
     sessions,
     activeSessionId,
@@ -220,6 +278,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     setAuthError: (message) => setAuthState({ error: message }),
     logger,
     setTokenReady,
+    queryClient,
   });
 
   const {
@@ -231,7 +290,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     hasIdentity,
     getPublicKey,
     isIdentitySynced,
-    syncIdentity,
+    syncIdentity: syncIdentityBase,
   } = useAuthOperations({
     oxyServices,
     storage,
@@ -254,6 +313,123 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     logger,
   });
 
+  // syncIdentity - TanStack Query handles offline mutations automatically
+  const syncIdentity = useCallback(async () => {
+    return await syncIdentityBase();
+  }, [syncIdentityBase]);
+
+  // Clear all account data when identity is lost (for accounts app)
+  // In accounts app, identity = account, so losing identity means losing everything
+  const clearAllAccountData = useCallback(async (): Promise<void> => {
+    // Clear TanStack Query cache (in-memory)
+    queryClient.clear();
+    
+    // Clear persisted query cache
+    if (storage) {
+      try {
+        await clearQueryCache(storage);
+      } catch (error) {
+        if (logger) {
+          logger('Failed to clear persisted query cache', error);
+        }
+      }
+    }
+    
+    // Clear session state (sessions, activeSessionId, storage)
+    await clearSessionState();
+    
+    // Clear identity sync state from storage
+    if (storage) {
+      try {
+        await storage.removeItem('oxy_identity_synced');
+      } catch (error) {
+        if (logger) {
+          logger('Failed to clear identity sync state', error);
+        }
+      }
+    }
+    
+    // Reset auth store identity sync state
+    useAuthStore.getState().setIdentitySynced(false);
+    useAuthStore.getState().setSyncing(false);
+    
+    // Reset account store
+    useAccountStore.getState().reset();
+    
+    // Clear HTTP service cache
+    oxyServices.clearCache();
+  }, [queryClient, storage, clearSessionState, logger, oxyServices]);
+
+  // Delete identity and clear all account data
+  // In accounts app, deleting identity means losing the account completely
+  const deleteIdentityAndClearAccount = useCallback(async (
+    skipBackup: boolean = false,
+    force: boolean = false,
+    userConfirmed: boolean = false
+  ): Promise<void> => {
+    // First, clear all account data
+    await clearAllAccountData();
+    
+    // Then delete the identity keys
+    await KeyManager.deleteIdentity(skipBackup, force, userConfirmed);
+  }, [clearAllAccountData]);
+
+  // Network reconnect sync - TanStack Query automatically retries mutations on reconnect
+  // We only need to sync identity if it's not synced
+  useEffect(() => {
+    if (!storage) return;
+
+    let wasOffline = false;
+    let checkInterval: NodeJS.Timeout | null = null;
+
+    const checkNetworkAndSync = async () => {
+      try {
+        // Try a lightweight health check to see if we're online
+        await oxyServices.healthCheck().catch(() => {
+          wasOffline = true;
+          return;
+        });
+
+        // If we were offline and now we're online, sync identity if needed
+        if (wasOffline) {
+          if (__DEV__ && logger) {
+            logger('Network reconnected, checking identity sync...');
+          }
+
+          // Sync identity first (if not synced)
+          try {
+            const isSynced = await storage.getItem('oxy_identity_synced');
+            if (isSynced === 'false') {
+              await syncIdentity();
+            }
+          } catch (syncError) {
+            if (__DEV__ && logger) {
+              logger('Error syncing identity on reconnect', syncError);
+            }
+          }
+
+          // TanStack Query will automatically retry pending mutations
+          wasOffline = false;
+        }
+      } catch (error) {
+        // Network check failed - we're offline
+        wasOffline = true;
+      }
+    };
+
+    // Check immediately
+    checkNetworkAndSync();
+
+    // Check periodically (every 10 seconds when app is active)
+    checkInterval = setInterval(checkNetworkAndSync, 10000);
+
+    return () => {
+      if (checkInterval) {
+        clearInterval(checkInterval);
+      }
+    };
+  }, [oxyServices, storage, syncIdentity, logger]);
+
   const { getDeviceSessions, logoutAllDeviceSessions, updateDeviceName } = useDeviceManagement({
     oxyServices,
     activeSessionId,
@@ -404,6 +580,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     isAuthenticated,
     isLoading,
     isTokenReady: tokenReady,
+    isStorageReady,
     error,
     currentLanguage,
     currentLanguageMetadata,
@@ -416,6 +593,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     getPublicKey,
     isIdentitySynced,
     syncIdentity,
+    deleteIdentityAndClearAccount,
     identitySyncState: {
       isSynced: isIdentitySyncedStore ?? true,
       isSyncing: isSyncing ?? false,
@@ -429,6 +607,8 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     getDeviceSessions,
     logoutAllDeviceSessions,
     updateDeviceName,
+    clearSessionState,
+    clearAllAccountData,
     oxyServices,
     useFollow: useFollowHook,
     showBottomSheet: showBottomSheetForContext,
@@ -441,6 +621,7 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     getPublicKey,
     isIdentitySynced,
     syncIdentity,
+    deleteIdentityAndClearAccount,
     isIdentitySyncedStore,
     isSyncing,
     currentLanguage,
@@ -460,7 +641,9 @@ export const OxyProvider: React.FC<OxyContextProviderProps> = ({
     setLanguage,
     switchSessionForContext,
     tokenReady,
+    isStorageReady,
     updateDeviceName,
+    clearAllAccountData,
     useFollowHook,
     user,
     showBottomSheetForContext,

package/src/ui/context/hooks/useAuthOperations.ts

@@ -85,7 +85,7 @@ export const useAuthOperations = ({
 }: UseAuthOperationsOptions): UseAuthOperationsResult => {
   
   /**
-   * Internal function to perform challenge-response sign in
+   * Internal function to perform challenge-response sign in (works offline)
    */
   const performSignIn = useCallback(
     async (publicKey: string): Promise<User> => {
@@ -94,8 +94,36 @@ export const useAuthOperations = ({
       const deviceInfo = await DeviceManager.getDeviceInfo();
       const deviceName = deviceInfo.deviceName || DeviceManager.getDefaultDeviceName();
 
-      // Request challenge
-      const { challenge } = await oxyServices.requestChallenge(publicKey);
+      let challenge: string;
+      let isOffline = false;
+
+      // Try to request challenge from server (online)
+      try {
+        const challengeResponse = await oxyServices.requestChallenge(publicKey);
+        challenge = challengeResponse.challenge;
+      } catch (error) {
+        // Network error - generate challenge locally for offline sign-in
+        const errorMessage = error instanceof Error ? error.message : String(error);
+        const isNetworkError = 
+          errorMessage.includes('Network') ||
+          errorMessage.includes('network') ||
+          errorMessage.includes('Failed to fetch') ||
+          errorMessage.includes('fetch failed') ||
+          (error as any)?.code === 'NETWORK_ERROR' ||
+          (error as any)?.status === 0;
+
+        if (isNetworkError) {
+          if (__DEV__ && logger) {
+            logger('Network unavailable, performing offline sign-in');
+          }
+          // Generate challenge locally
+          challenge = await SignatureService.generateChallenge();
+          isOffline = true;
+        } else {
+          // Re-throw non-network errors
+          throw error;
+        }
+      }
 
       // Note: Biometric authentication check should be handled by the app layer
       // (e.g., accounts app) before calling signIn. The biometric preference is stored
@@ -104,66 +132,129 @@ export const useAuthOperations = ({
       // Sign the challenge
       const { challenge: signature, timestamp } = await SignatureService.signChallenge(challenge);
 
-      // Verify and create session
-      const sessionResponse = await oxyServices.verifyChallenge(
-        publicKey,
-        challenge,
-        signature,
-        timestamp,
-        deviceName,
-        deviceFingerprint,
-      );
-
-      // Get token for the session
-      await oxyServices.getTokenBySession(sessionResponse.sessionId);
-
-      // Get full user data
-      const fullUser = await oxyServices.getUserBySession(sessionResponse.sessionId);
-      await applyLanguagePreference(fullUser);
-      loginSuccess(fullUser);
+      let fullUser: User;
+      let sessionResponse: SessionLoginResponse;
 
-      // Fetch device sessions
-      let allDeviceSessions: ClientSession[] = [];
-      try {
-        allDeviceSessions = await fetchSessionsWithFallback(oxyServices, sessionResponse.sessionId, {
-          fallbackDeviceId: sessionResponse.deviceId,
-          fallbackUserId: fullUser.id,
-          logger,
-        });
-      } catch (error) {
-        if (__DEV__) {
-          console.warn('Failed to fetch device sessions after login:', error);
+      if (isOffline) {
+        // Offline sign-in: create local session and minimal user object
+        if (__DEV__ && logger) {
+          logger('Creating offline session');
         }
-      }
 
-      // Check for existing session for same user
-      const existingSession = allDeviceSessions.find(
-        (session) =>
-          session.userId?.toString() === fullUser.id?.toString() &&
-          session.sessionId !== sessionResponse.sessionId,
-      );
+        // Generate a local session ID
+        const localSessionId = `offline_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+        const localDeviceId = `device_${Date.now()}_${Math.random().toString(36).substr(2, 9)}`;
+        const expiresAt = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000).toISOString(); // 7 days
+
+        // Create minimal user object with publicKey as id
+        fullUser = {
+          id: publicKey, // Use publicKey as id (per migration document)
+          publicKey,
+          username: '',
+          privacySettings: {},
+        } as User;
+
+        sessionResponse = {
+          sessionId: localSessionId,
+          deviceId: localDeviceId,
+          expiresAt,
+          user: {
+            id: publicKey,
+            username: '',
+          },
+        };
+
+        // Store offline session locally
+        const offlineSession: ClientSession = {
+          sessionId: localSessionId,
+          deviceId: localDeviceId,
+          expiresAt,
+          lastActive: new Date().toISOString(),
+          userId: publicKey,
+          isCurrent: true,
+        };
+
+        setActiveSessionId(localSessionId);
+        await saveActiveSessionId(localSessionId);
+        updateSessions([offlineSession], { merge: true });
+
+        // Mark session as offline for later sync
+        if (storage) {
+          await storage.setItem(`oxy_session_${localSessionId}_offline`, 'true');
+        }
+
+        if (__DEV__ && logger) {
+          logger('Offline sign-in successful');
+        }
+      } else {
+        // Online sign-in: use normal flow
+        // Verify and create session
+        sessionResponse = await oxyServices.verifyChallenge(
+          publicKey,
+          challenge,
+          signature,
+          timestamp,
+          deviceName,
+          deviceFingerprint,
+        );
+
+        // Get token for the session
+        await oxyServices.getTokenBySession(sessionResponse.sessionId);
 
-      if (existingSession) {
-        // Logout duplicate session
+        // Get full user data
+        fullUser = await oxyServices.getUserBySession(sessionResponse.sessionId);
+        
+        // Ensure id is set to publicKey (per migration document)
+        if (fullUser.id !== fullUser.publicKey) {
+          fullUser.id = fullUser.publicKey;
+        }
+
+        // Fetch device sessions
+        let allDeviceSessions: ClientSession[] = [];
         try {
-          await oxyServices.logoutSession(sessionResponse.sessionId, sessionResponse.sessionId);
-        } catch (logoutError) {
+          allDeviceSessions = await fetchSessionsWithFallback(oxyServices, sessionResponse.sessionId, {
+            fallbackDeviceId: sessionResponse.deviceId,
+            fallbackUserId: fullUser.id,
+            logger,
+          });
+        } catch (error) {
           if (__DEV__) {
-            console.warn('Failed to logout duplicate session:', logoutError);
+            console.warn('Failed to fetch device sessions after login:', error);
           }
         }
-        await switchSession(existingSession.sessionId);
-        updateSessions(
-          allDeviceSessions.filter((session) => session.sessionId !== sessionResponse.sessionId),
-          { merge: false },
+
+        // Check for existing session for same user
+        const existingSession = allDeviceSessions.find(
+          (session) =>
+            session.userId?.toString() === fullUser.id?.toString() &&
+            session.sessionId !== sessionResponse.sessionId,
         );
-        onAuthStateChange?.(fullUser);
-        return fullUser;
+
+        if (existingSession) {
+          // Logout duplicate session
+          try {
+            await oxyServices.logoutSession(sessionResponse.sessionId, sessionResponse.sessionId);
+          } catch (logoutError) {
+            if (__DEV__) {
+              console.warn('Failed to logout duplicate session:', logoutError);
+            }
+          }
+          await switchSession(existingSession.sessionId);
+          updateSessions(
+            allDeviceSessions.filter((session) => session.sessionId !== sessionResponse.sessionId),
+            { merge: false },
+          );
+          onAuthStateChange?.(fullUser);
+          return fullUser;
+        }
+
+        setActiveSessionId(sessionResponse.sessionId);
+        await saveActiveSessionId(sessionResponse.sessionId);
+        updateSessions(allDeviceSessions, { merge: true });
       }
 
-      setActiveSessionId(sessionResponse.sessionId);
-      await saveActiveSessionId(sessionResponse.sessionId);
-      updateSessions(allDeviceSessions, { merge: true });
+      await applyLanguagePreference(fullUser);
+      loginSuccess(fullUser);
       onAuthStateChange?.(fullUser);
       
       return fullUser;
@@ -178,6 +269,7 @@ export const useAuthOperations = ({
       setActiveSessionId,
       switchSession,
       updateSessions,
+      storage,
     ],
   );
 
@@ -224,10 +316,27 @@ export const useAuthOperations = ({
           };
         }
       } catch (error) {
-        // Clean up identity if generation failed
-        await KeyManager.deleteIdentity().catch(() => {});
-        await storage.removeItem('oxy_identity_synced').catch(() => {});
-        setIdentitySynced(true);
+        // CRITICAL: Never delete identity on error - it may have been successfully created
+        // Only log the error and let the user recover using their recovery phrase
+        // Identity deletion should ONLY happen when explicitly requested by the user
+        if (__DEV__ && logger) {
+          logger('Error during identity creation (identity may still exist):', error);
+        }
+        
+        // Check if identity was actually created (keys exist)
+        const hasIdentity = await KeyManager.hasIdentity().catch(() => false);
+        if (hasIdentity) {
+          // Identity exists - don't delete it! Just mark as not synced
+          await storage.setItem('oxy_identity_synced', 'false').catch(() => {});
+          setIdentitySynced(false);
+          if (__DEV__ && logger) {
+            logger('Identity was created but sync failed - user can sync later using recovery phrase');
+          }
+        } else {
+          // No identity exists - this was a generation failure, safe to clean up sync flag
+          await storage.removeItem('oxy_identity_synced').catch(() => {});
+          setIdentitySynced(false);
+        }
         
         const message = handleAuthError(error, {
           defaultMessage: 'Failed to create identity',
@@ -258,6 +367,7 @@ export const useAuthOperations = ({
 
   /**
    * Sync local identity with server (call when online)
+   * TanStack Query handles offline mutations automatically
    */
   const syncIdentity = useCallback(
     async (): Promise<User> => {
@@ -275,7 +385,6 @@ export const useAuthOperations = ({
         // Check if already synced
         const alreadySynced = await storage.getItem('oxy_identity_synced');
         if (alreadySynced === 'true') {
-          // Already synced, just sign in
           setIdentitySynced(true);
           return await performSignIn(publicKey);
         }
@@ -294,7 +403,11 @@ export const useAuthOperations = ({
         setIdentitySynced(true);
 
         // Sign in
-        return await performSignIn(publicKey);
+        const user = await performSignIn(publicKey);
+
+        // TanStack Query will automatically retry any pending mutations
+
+        return user;
       } catch (error) {
         const message = handleAuthError(error, {
           defaultMessage: 'Failed to sync identity',

package/src/ui/context/hooks/useSessionManagement.ts

@@ -6,6 +6,8 @@ import { fetchSessionsWithFallback, mapSessionsToClient, validateSessionBatch }
 import { getStorageKeys, type StorageInterface } from '../utils/storageHelpers';
 import { handleAuthError, isInvalidSessionError } from '../utils/errorHandlers';
 import type { OxyServices } from '../../../core';
+import type { QueryClient } from '@tanstack/react-query';
+import { clearQueryCache } from '../../hooks/queryClient.js';
 
 export interface UseSessionManagementOptions {
   oxyServices: OxyServices;
@@ -19,6 +21,7 @@ export interface UseSessionManagementOptions {
   setAuthError?: (message: string | null) => void;
   logger?: (message: string, error?: unknown) => void;
   setTokenReady?: (ready: boolean) => void;
+  queryClient?: QueryClient | null;
 }
 
 export interface UseSessionManagementResult {
@@ -55,6 +58,7 @@ export const useSessionManagement = ({
   setAuthError,
   logger,
   setTokenReady,
+  queryClient,
 }: UseSessionManagementOptions): UseSessionManagementResult => {
   const [sessions, setSessions] = useState<ClientSession[]>([]);
   const [activeSessionId, setActiveSessionId] = useState<string | null>(null);
@@ -140,6 +144,8 @@ export const useSessionManagement = ({
     try {
       await storage.removeItem(storageKeys.activeSessionId);
       await storage.removeItem(storageKeys.sessionIds);
+      // Clear identity sync state
+      await storage.removeItem('oxy_identity_synced').catch(() => {});
     } catch (error) {
       handleAuthError(error, {
         defaultMessage: CLEAR_STORAGE_ERROR,
@@ -155,9 +161,26 @@ export const useSessionManagement = ({
     setSessions([]);
     setActiveSessionId(null);
     logoutStore();
+    
+    // Clear TanStack Query cache (in-memory)
+    if (queryClient) {
+      queryClient.clear();
+    }
+    
+    // Clear persisted query cache
+    if (storage) {
+      try {
+        await clearQueryCache(storage);
+      } catch (error) {
+        if (logger) {
+          logger('Failed to clear persisted query cache', error);
+        }
+      }
+    }
+    
     await clearSessionStorage();
     onAuthStateChange?.(null);
-  }, [clearSessionStorage, logoutStore, onAuthStateChange]);
+  }, [clearSessionStorage, logoutStore, onAuthStateChange, queryClient, storage, logger]);
 
   const activateSession = useCallback(
     async (sessionId: string, user: User): Promise<void> => {

package/src/ui/hooks/mutations/index.ts

@@ -0,0 +1,4 @@
+// Export all mutation hooks
+export * from './useAccountMutations';
+export * from './useServicesMutations';
+