clear BrowserStorage with possibly sensitive data when another user i…

…s logged in on this device Signed-off-by: Maksim Sukharev <antreesy.web@gmail.com>
nextcloud · Aug 22, 2023 · 7f8ce07 · 7f8ce07
1 parent 394f1a1
commit 7f8ce07
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/src/App.vue b/src/App.vue
@@ -227,6 +227,22 @@ export default {
 		},
 	},
 
+	beforeCreate() {
+		const authorizedUser = getCurrentUser()?.uid || null
+		const lastLoggedInUser = BrowserStorage.getItem('last_logged_in_user')
+
+		if (authorizedUser !== lastLoggedInUser) {
+			// TODO introduce helper/util to list and clear all sensitive data
+			// or create BrowserSensitiveStorage for this purposes,
+			// if we have more than one source
+			BrowserStorage.removeItem('cachedConversations')
+		}
+
+		if (authorizedUser) {
+			BrowserStorage.setItem('last_logged_in_user', authorizedUser)
+		}
+	},
+
 	beforeDestroy() {
 		if (!getCurrentUser()) {
 			EventBus.$off('should-refresh-conversations', this.debounceRefreshCurrentConversation)