From a1264631c098759fdeb0b46381d1956ed12806d6 Mon Sep 17 00:00:00 2001
From: Sergei <serter2069@gmail.com>
Date: Thu, 29 Jan 2026 12:28:56 -0800
Subject: [PATCH] Add encryption key cleanup on logout
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Clear master encryption key when user logs out
- Ensures WiFi passwords cannot be decrypted after logout
- Improves security by removing cryptographic material
- Complements existing WiFi password clearing on logout

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 services/api.ts | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/services/api.ts b/services/api.ts
index 0586f30..6f37b36 100644
--- a/services/api.ts
+++ b/services/api.ts
@@ -212,7 +212,7 @@ class ApiService {
       }
     }
 
-    // Clear WiFi passwords from SecureStore
+    // Clear WiFi passwords and encryption key from SecureStore
     try {
       await wifiPasswordStore.clearAllWiFiPasswords();
     } catch (error) {
@@ -220,6 +220,15 @@ class ApiService {
       // Continue with logout even if cleanup fails
     }
 
+    // Clear encryption key
+    try {
+      const { clearEncryptionKey } = await import('./encryption');
+      await clearEncryptionKey();
+    } catch (error) {
+      console.error('[API] Encryption key cleanup failed during logout:', error);
+      // Continue with logout even if cleanup fails
+    }
+
     // Clear WellNuo API auth data
     await SecureStore.deleteItemAsync('accessToken');
     await SecureStore.deleteItemAsync('userId');