sergei_t/WellNuo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add encryption key cleanup on logout

Browse Source 
- Clear master encryption key when user logs out
- Ensures WiFi passwords cannot be decrypted after logout
- Improves security by removing cryptographic material
- Complements existing WiFi password clearing on logout

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Sergei 2026-01-29 12:28:56 -08:00
parent f8f195845d
commit a1264631c0
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
services/api.ts
View File

@ -212,7 +212,7 @@ class ApiService {
} }
} }
// Clear WiFi passwords from SecureStore // Clear WiFi passwords and encryption key from SecureStore
try { try {
await wifiPasswordStore.clearAllWiFiPasswords(); await wifiPasswordStore.clearAllWiFiPasswords();
} catch (error) { } catch (error) {
@ -220,6 +220,15 @@ class ApiService {
// Continue with logout even if cleanup fails // Continue with logout even if cleanup fails
} }
// Clear encryption key
try {
const { clearEncryptionKey } = await import('./encryption');
await clearEncryptionKey();
} catch (error) {
console.error('[API] Encryption key cleanup failed during logout:', error);
// Continue with logout even if cleanup fails
}
// Clear WellNuo API auth data // Clear WellNuo API auth data
await SecureStore.deleteItemAsync('accessToken'); await SecureStore.deleteItemAsync('accessToken');
await SecureStore.deleteItemAsync('userId'); await SecureStore.deleteItemAsync('userId');