@oxyhq/services 5.16.24 → 5.16.26

package/lib/module/ui/context/OxyContext.js

@@ -103,7 +103,11 @@ export const OxyProvider = ({
   const setAuthState = useAuthStore.setState;
   const logger = useCallback((message, err) => {
     if (__DEV__) {
-      console.warn(`[OxyContext] ${message}`, err);
+      if (err !== undefined) {
+        console.warn(`[OxyContext] ${message}`, err);
+      } else {
+        console.warn(`[OxyContext] ${message}`);
+      }
     }
   }, []);
   const storageKeys = useMemo(() => getStorageKeys(storageKeyPrefix), [storageKeyPrefix]);
@@ -284,15 +288,45 @@ export const OxyProvider = ({
     oxyServices.clearCache();
   }, [queryClient, storage, clearSessionState, logger, oxyServices]);
 
+  // Transfer code management functions (must be defined before deleteIdentityAndClearAccount)
+  const getAllPendingTransfers = useCallback(() => {
+    const pending = [];
+    transferCodesRef.current.forEach((data, transferId) => {
+      if (data.state === 'pending') {
+        pending.push({
+          transferId,
+          data
+        });
+      }
+    });
+    return pending;
+  }, []);
+  const getActiveTransferId = useCallback(() => {
+    return activeTransferIdRef.current;
+  }, []);
+
   // Delete identity and clear all account data
   // In accounts app, deleting identity means losing the account completely
   const deleteIdentityAndClearAccount = useCallback(async (skipBackup = false, force = false, userConfirmed = false) => {
+    // CRITICAL: Check for active transfers before deletion (unless force is true)
+    // This prevents accidental identity loss during transfer
+    if (!force) {
+      const pendingTransfers = getAllPendingTransfers();
+      if (pendingTransfers.length > 0) {
+        const activeTransferId = getActiveTransferId();
+        const hasActiveTransfer = activeTransferId && pendingTransfers.some(t => t.transferId === activeTransferId);
+        if (hasActiveTransfer) {
+          throw new Error('Cannot delete identity: An active identity transfer is in progress. ' + 'Please wait for the transfer to complete or cancel it first. ' + 'If you proceed, you may lose access to your identity permanently.');
+        }
+      }
+    }
+
     // First, clear all account data
     await clearAllAccountData();
 
     // Then delete the identity keys
     await KeyManager.deleteIdentity(skipBackup, force, userConfirmed);
-  }, [clearAllAccountData]);
+  }, [clearAllAccountData, getAllPendingTransfers, getActiveTransferId]);
 
   // Network reconnect sync - TanStack Query automatically retries mutations on reconnect
   // We only need to sync identity if it's not synced
@@ -300,6 +334,8 @@ export const OxyProvider = ({
     if (!storage) return;
     let wasOffline = false;
     let checkTimeout = null;
+    let lastReconnectionLog = 0;
+    const RECONNECTION_LOG_DEBOUNCE_MS = 5000; // 5 seconds
 
     // Circuit breaker and exponential backoff state
     const stateRef = {
@@ -336,41 +372,47 @@ export const OxyProvider = ({
 
         // If we were offline and now we're online, sync identity if needed
         if (wasOffline) {
-          logger('Network reconnected, checking identity sync...');
+          const now = Date.now();
+          const timeSinceLastLog = now - lastReconnectionLog;
+          if (timeSinceLastLog >= RECONNECTION_LOG_DEBOUNCE_MS) {
+            logger('Network reconnected, checking identity sync...');
+            lastReconnectionLog = now;
 
-          // Sync identity first (if not synced)
-          try {
-            const hasIdentityValue = await hasIdentity();
-            if (hasIdentityValue) {
-              // Check sync status directly - sync if not explicitly 'true'
-              // undefined = not synced yet, 'false' = explicitly not synced, 'true' = synced
-              const syncStatus = await storage.getItem('oxy_identity_synced');
-              if (syncStatus !== 'true') {
-                await syncIdentity();
+            // Sync identity first (if not synced)
+            try {
+              const hasIdentityValue = await hasIdentity();
+              if (hasIdentityValue) {
+                // Check sync status directly - sync if not explicitly 'true'
+                // undefined = not synced yet, 'false' = explicitly not synced, 'true' = synced
+                const syncStatus = await storage.getItem('oxy_identity_synced');
+                if (syncStatus !== 'true') {
+                  await syncIdentity();
+                }
               }
-            }
-          } catch (syncError) {
-            // Skip sync silently if username is required (expected when offline onboarding)
-            if (syncError?.code === 'USERNAME_REQUIRED' || syncError?.message === 'USERNAME_REQUIRED') {
-              if (__DEV__) {
-                loggerUtil.debug('Sync skipped - username required', {
+            } catch (syncError) {
+              // Skip sync silently if username is required (expected when offline onboarding)
+              if (syncError?.code === 'USERNAME_REQUIRED' || syncError?.message === 'USERNAME_REQUIRED') {
+                if (__DEV__) {
+                  loggerUtil.debug('Sync skipped - username required', {
+                    component: 'OxyContext',
+                    method: 'checkNetworkAndSync'
+                  }, syncError);
+                }
+                // Don't log or show error - username will be set later
+              } else if (!isTimeoutOrNetworkError(syncError)) {
+                // Only log unexpected errors - timeouts/network issues are expected when offline
+                logger('Error syncing identity on reconnect', syncError);
+              } else if (__DEV__) {
+                loggerUtil.debug('Identity sync timeout (expected when offline)', {
                   component: 'OxyContext',
                   method: 'checkNetworkAndSync'
                 }, syncError);
               }
-              // Don't log or show error - username will be set later
-            } else if (!isTimeoutOrNetworkError(syncError)) {
-              // Only log unexpected errors - timeouts/network issues are expected when offline
-              logger('Error syncing identity on reconnect', syncError);
-            } else if (__DEV__) {
-              loggerUtil.debug('Identity sync timeout (expected when offline)', {
-                component: 'OxyContext',
-                method: 'checkNetworkAndSync'
-              }, syncError);
             }
           }
 
           // TanStack Query will automatically retry pending mutations
+          // Reset flag immediately after processing (whether logged or not)
           wasOffline = false;
         }
       } catch (error) {
@@ -513,18 +555,92 @@ export const OxyProvider = ({
   // The JWT token's userId field contains the MongoDB ObjectId
   const userId = oxyServices.getCurrentUserId() || user?.id;
 
-  // Store transfer codes in memory for verification
-  // Map: transferId -> { code, sourceDeviceId, publicKey, timestamp }
+  // Transfer code storage interface
+
+  // Store transfer codes in memory for verification (also persisted to storage)
+  // Map: transferId -> TransferCodeData
   const transferCodesRef = useRef(new Map());
+  const activeTransferIdRef = useRef(null);
+  const TRANSFER_CODES_STORAGE_KEY = `${storageKeyPrefix}_transfer_codes`;
+  const ACTIVE_TRANSFER_STORAGE_KEY = `${storageKeyPrefix}_active_transfer_id`;
+
+  // Load transfer codes from storage on startup
+  useEffect(() => {
+    if (!storage || !isStorageReady) return;
+    const loadTransferCodes = async () => {
+      try {
+        // Load transfer codes
+        const storedCodes = await storage.getItem(TRANSFER_CODES_STORAGE_KEY);
+        if (storedCodes) {
+          const parsed = JSON.parse(storedCodes);
+          const now = Date.now();
+          const fifteenMinutes = 15 * 60 * 1000;
+
+          // Only restore non-expired pending transfers
+          Object.entries(parsed).forEach(([transferId, data]) => {
+            if (data.state === 'pending' && now - data.timestamp < fifteenMinutes) {
+              transferCodesRef.current.set(transferId, data);
+              if (__DEV__) {
+                logger('Restored pending transfer from storage', {
+                  transferId
+                });
+              }
+            }
+          });
+        }
+
+        // Load active transfer ID
+        const activeTransferId = await storage.getItem(ACTIVE_TRANSFER_STORAGE_KEY);
+        if (activeTransferId) {
+          // Verify it's still valid
+          const transferData = transferCodesRef.current.get(activeTransferId);
+          if (transferData && transferData.state === 'pending') {
+            activeTransferIdRef.current = activeTransferId;
+            if (__DEV__) {
+              logger('Restored active transfer ID from storage', {
+                transferId: activeTransferId
+              });
+            }
+          } else {
+            // Clear invalid active transfer
+            await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+          }
+        }
+      } catch (error) {
+        if (__DEV__) {
+          logger('Failed to load transfer codes from storage', error);
+        }
+      }
+    };
+    loadTransferCodes();
+  }, [storage, isStorageReady, logger, storageKeyPrefix]);
+
+  // Persist transfer codes to storage whenever they change
+  const persistTransferCodes = useCallback(async () => {
+    if (!storage) return;
+    try {
+      const codesToStore = {};
+      transferCodesRef.current.forEach((value, key) => {
+        codesToStore[key] = value;
+      });
+      await storage.setItem(TRANSFER_CODES_STORAGE_KEY, JSON.stringify(codesToStore));
+    } catch (error) {
+      if (__DEV__) {
+        logger('Failed to persist transfer codes', error);
+      }
+    }
+  }, [storage, logger]);
 
   // Cleanup old transfer codes (older than 15 minutes)
   useEffect(() => {
-    const cleanup = setInterval(() => {
+    const cleanup = setInterval(async () => {
       const now = Date.now();
       const fifteenMinutes = 15 * 60 * 1000;
+      let needsPersist = false;
       transferCodesRef.current.forEach((value, key) => {
         if (now - value.timestamp > fifteenMinutes) {
           transferCodesRef.current.delete(key);
+          needsPersist = true;
           if (__DEV__) {
             logger('Cleaned up expired transfer code', {
               transferId: key
@@ -532,19 +648,49 @@ export const OxyProvider = ({
           }
         }
       });
+
+      // Clear active transfer if it was deleted
+      if (activeTransferIdRef.current && !transferCodesRef.current.has(activeTransferIdRef.current)) {
+        activeTransferIdRef.current = null;
+        if (storage) {
+          try {
+            await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+          } catch (error) {
+            // Ignore storage errors
+          }
+        }
+      }
+      if (needsPersist) {
+        await persistTransferCodes();
+      }
     }, 60000); // Check every minute
 
     return () => clearInterval(cleanup);
-  }, [logger]);
+  }, [logger, persistTransferCodes, storage]);
 
   // Transfer code management functions
-  const storeTransferCode = useCallback((transferId, code, sourceDeviceId, publicKey) => {
-    transferCodesRef.current.set(transferId, {
+  const storeTransferCode = useCallback(async (transferId, code, sourceDeviceId, publicKey) => {
+    const transferData = {
       code,
       sourceDeviceId,
       publicKey,
-      timestamp: Date.now()
-    });
+      timestamp: Date.now(),
+      state: 'pending'
+    };
+    transferCodesRef.current.set(transferId, transferData);
+    activeTransferIdRef.current = transferId;
+
+    // Persist to storage
+    await persistTransferCodes();
+    if (storage) {
+      try {
+        await storage.setItem(ACTIVE_TRANSFER_STORAGE_KEY, transferId);
+      } catch (error) {
+        if (__DEV__) {
+          logger('Failed to persist active transfer ID', error);
+        }
+      }
+    }
     if (__DEV__) {
       logger('Stored transfer code', {
         transferId,
@@ -552,18 +698,57 @@ export const OxyProvider = ({
         publicKey: publicKey.substring(0, 16) + '...'
       });
     }
-  }, [logger]);
+  }, [logger, persistTransferCodes, storage]);
   const getTransferCode = useCallback(transferId => {
     return transferCodesRef.current.get(transferId) || null;
   }, []);
-  const clearTransferCode = useCallback(transferId => {
+  const updateTransferState = useCallback(async (transferId, state) => {
+    const transferData = transferCodesRef.current.get(transferId);
+    if (transferData) {
+      transferData.state = state;
+      transferCodesRef.current.set(transferId, transferData);
+
+      // Clear active transfer if completed or failed
+      if (state === 'completed' || state === 'failed') {
+        if (activeTransferIdRef.current === transferId) {
+          activeTransferIdRef.current = null;
+          if (storage) {
+            try {
+              await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+            } catch (error) {
+              // Ignore storage errors
+            }
+          }
+        }
+      }
+      await persistTransferCodes();
+      if (__DEV__) {
+        logger('Updated transfer state', {
+          transferId,
+          state
+        });
+      }
+    }
+  }, [logger, persistTransferCodes, storage]);
+  const clearTransferCode = useCallback(async transferId => {
     transferCodesRef.current.delete(transferId);
+    if (activeTransferIdRef.current === transferId) {
+      activeTransferIdRef.current = null;
+      if (storage) {
+        try {
+          await storage.removeItem(ACTIVE_TRANSFER_STORAGE_KEY);
+        } catch (error) {
+          // Ignore storage errors
+        }
+      }
+    }
+    await persistTransferCodes();
     if (__DEV__) {
       logger('Cleared transfer code', {
         transferId
       });
     }
-  }, [logger]);
+  }, [logger, persistTransferCodes, storage]);
   const refreshSessionsWithUser = useCallback(() => refreshSessions(userId), [refreshSessions, userId]);
   const handleSessionRemoved = useCallback(sessionId => {
     trackRemovedSession(sessionId);
@@ -573,14 +758,6 @@ export const OxyProvider = ({
     logout().catch(remoteError => logger('Failed to process remote sign out', remoteError));
   }, [logger, logout]);
   const handleIdentityTransferComplete = useCallback(async data => {
-    if (__DEV__) {
-      console.log('[OxyContext] handleIdentityTransferComplete called', {
-        transferId: data.transferId,
-        sourceDeviceId: data.sourceDeviceId,
-        currentDeviceId,
-        hasActiveSession: activeSessionId !== null
-      });
-    }
     try {
       logger('Received identity transfer complete notification', {
         transferId: data.transferId,
@@ -589,29 +766,14 @@ export const OxyProvider = ({
         hasActiveSession: activeSessionId !== null,
         publicKey: data.publicKey.substring(0, 16) + '...'
       });
-
-      // Get stored transfer code for verification
       const storedTransfer = getTransferCode(data.transferId);
       if (!storedTransfer) {
-        if (__DEV__) {
-          console.warn('[OxyContext] Transfer code not found for transferId', {
-            transferId: data.transferId
-          });
-        }
         logger('Transfer code not found for transferId', {
           transferId: data.transferId
         });
         toast.error('Transfer verification failed: Code not found. Identity will not be deleted.');
         return;
       }
-      if (__DEV__) {
-        console.log('[OxyContext] Found stored transfer code', {
-          transferId: data.transferId,
-          storedSourceDeviceId: storedTransfer.sourceDeviceId,
-          receivedSourceDeviceId: data.sourceDeviceId,
-          currentDeviceId
-        });
-      }
 
       // Verify publicKey matches first (most important check)
       const publicKeyMatches = data.publicKey === storedTransfer.publicKey;
@@ -668,13 +830,6 @@ export const OxyProvider = ({
           // Don't block - publicKey match is sufficient, code mismatch might be due to user error
           // Log warning but proceed
         }
-      } else {
-        // If transfer code is not provided, log info but proceed
-        if (__DEV__) {
-          logger('Transfer code not provided in completion notification, but publicKey matches - proceeding', {
-            transferId: data.transferId
-          });
-        }
       }
 
       // Check if transfer is too old (safety timeout - 10 minutes)
@@ -691,13 +846,37 @@ export const OxyProvider = ({
         return;
       }
 
-      // All verifications passed - automatically delete identity
-      if (__DEV__) {
-        console.log('[OxyContext] All verifications passed, deleting identity', {
+      // CRITICAL: Verify target device has identity before deleting on source device
+      // This ensures we never lose the identity
+      try {
+        logger('Verifying target device has identity before deletion', {
           transferId: data.transferId,
-          sourceDeviceId: data.sourceDeviceId,
-          currentDeviceId
+          publicKey: data.publicKey.substring(0, 16) + '...'
+        });
+
+        // Verify target device has active session with matching public key
+        const verifyResponse = await oxyServices.makeRequest('GET', `/api/identity/verify-transfer?publicKey=${encodeURIComponent(data.publicKey)}`, undefined, {
+          cache: false
+        });
+        if (!verifyResponse.verified || !verifyResponse.hasActiveSession) {
+          logger('Target device verification failed - identity will not be deleted', {
+            transferId: data.transferId,
+            verified: verifyResponse.verified,
+            hasActiveSession: verifyResponse.hasActiveSession
+          });
+          await updateTransferState(data.transferId, 'failed');
+          toast.error('Transfer verification failed: Target device does not have active session. Identity will not be deleted.');
+          return;
+        }
+        logger('Target device verification passed', {
+          transferId: data.transferId
         });
+      } catch (verifyError) {
+        // If verification fails, don't delete identity - it's safer to keep it
+        logger('Failed to verify target device - identity will not be deleted', verifyError);
+        await updateTransferState(data.transferId, 'failed');
+        toast.error('Transfer verification failed: Could not verify target device. Identity will not be deleted.');
+        return;
       }
       logger('All transfer verifications passed, deleting identity from source device', {
         transferId: data.transferId,
@@ -705,29 +884,43 @@ export const OxyProvider = ({
         publicKey: data.publicKey.substring(0, 16) + '...'
       });
       try {
-        await deleteIdentityAndClearAccount(false, false, true);
-        if (__DEV__) {
-          console.log('[OxyContext] Identity deleted successfully');
+        // Verify identity still exists before deletion (safety check)
+        const identityStillExists = await KeyManager.hasIdentity();
+        if (!identityStillExists) {
+          logger('Identity already deleted - skipping deletion', {
+            transferId: data.transferId
+          });
+          await updateTransferState(data.transferId, 'completed');
+          await clearTransferCode(data.transferId);
+          return;
         }
+        await deleteIdentityAndClearAccount(false, false, true);
 
-        // Clear the transfer code after successful deletion
-        clearTransferCode(data.transferId);
+        // Verify identity was actually deleted
+        const identityDeleted = !(await KeyManager.hasIdentity());
+        if (!identityDeleted) {
+          logger('Identity deletion failed - identity still exists', {
+            transferId: data.transferId
+          });
+          await updateTransferState(data.transferId, 'failed');
+          throw new Error('Identity deletion failed - identity still exists');
+        }
+        await updateTransferState(data.transferId, 'completed');
+        await clearTransferCode(data.transferId);
         logger('Identity successfully deleted and transfer code cleared', {
           transferId: data.transferId
         });
         toast.success('Identity successfully transferred and removed from this device');
       } catch (deleteError) {
-        if (__DEV__) {
-          console.error('[OxyContext] Error deleting identity', deleteError);
-        }
         logger('Error during identity deletion', deleteError);
-        throw deleteError; // Re-throw to be caught by outer catch
+        await updateTransferState(data.transferId, 'failed');
+        throw deleteError;
       }
     } catch (error) {
       logger('Failed to delete identity after transfer', error);
       toast.error(error?.message || 'Failed to remove identity from this device. Please try again manually from Security Settings.');
     }
-  }, [deleteIdentityAndClearAccount, logger, getTransferCode, clearTransferCode, currentDeviceId, activeSessionId]);
+  }, [deleteIdentityAndClearAccount, logger, getTransferCode, clearTransferCode, updateTransferState, currentDeviceId, activeSessionId, oxyServices]);
   useSessionSocket({
     userId,
     activeSessionId,
@@ -807,6 +1000,9 @@ export const OxyProvider = ({
     storeTransferCode,
     getTransferCode,
     clearTransferCode,
+    getAllPendingTransfers,
+    getActiveTransferId,
+    updateTransferState,
     identitySyncState: {
       isSynced: isIdentitySyncedStore ?? true,
       isSyncing: isSyncing ?? false
@@ -826,7 +1022,7 @@ export const OxyProvider = ({
     useFollow: useFollowHook,
     showBottomSheet: showBottomSheetForContext,
     openAvatarPicker
-  }), [activeSessionId, currentDeviceId, createIdentity, importIdentity, signIn, hasIdentity, getPublicKey, isIdentitySynced, syncIdentity, deleteIdentityAndClearAccount, storeTransferCode, getTransferCode, clearTransferCode, isIdentitySyncedStore, isSyncing, currentLanguage, currentLanguageMetadata, currentLanguageName, currentNativeLanguageName, error, getDeviceSessions, isAuthenticated, isLoading, logout, logoutAll, logoutAllDeviceSessions, oxyServices, refreshSessionsWithUser, sessions, setLanguage, switchSessionForContext, tokenReady, isStorageReady, updateDeviceName, clearAllAccountData, useFollowHook, user, showBottomSheetForContext, openAvatarPicker]);
+  }), [activeSessionId, currentDeviceId, createIdentity, importIdentity, signIn, hasIdentity, getPublicKey, isIdentitySynced, syncIdentity, deleteIdentityAndClearAccount, storeTransferCode, getTransferCode, clearTransferCode, getAllPendingTransfers, getActiveTransferId, updateTransferState, isIdentitySyncedStore, isSyncing, currentLanguage, currentLanguageMetadata, currentLanguageName, currentNativeLanguageName, error, getDeviceSessions, isAuthenticated, isLoading, logout, logoutAll, logoutAllDeviceSessions, oxyServices, refreshSessionsWithUser, sessions, setLanguage, switchSessionForContext, tokenReady, isStorageReady, updateDeviceName, clearAllAccountData, useFollowHook, user, showBottomSheetForContext, openAvatarPicker]);
   return /*#__PURE__*/_jsx(OxyContext.Provider, {
     value: contextValue,
     children: children