auth/START_ROUTE_FIX.md

Start Route Fix - ChooseServiceScreen for Authenticated Users

Issue

User request: authenticated users should land on ChooseServiceScreen instead of BuyScreen when they open the app.

Changes Made

1. Updated MAIN Graph Start Destination

File: MainNavGraph.kt

Before:

navigation(
    route = Graph.MAIN,
    startDestination = AppScreen.BUY_ANIMALS
)

After:

navigation(
    route = Graph.MAIN,
    startDestination = AppScreen.chooseService("1") // ChooseServiceScreen with default profileId
)

The "1" is a placeholder route argument, not the signed-in user's profile. ChooseServiceScreen must resolve the real profile from the authenticated session, and the backend must authorize profile access from the token, never from the id carried in the route.

2. Navigation Flow

Authenticated User Flow:

  1. App starts → MainViewModel.init() checks tokens
  2. If tokens exist → authState = Authenticated
  3. AppNavigation reads authState
  4. startDestination = Graph.MAIN (which starts at ChooseServiceScreen)
  5. User sees ChooseServiceScreen

Unauthenticated User Flow:

  1. App starts → MainViewModel.init() checks tokens
  2. No tokens → authState = Unauthenticated
  3. AppNavigation reads authState
  4. startDestination = Graph.AUTH (which starts at LandingScreen)
  5. User sees LandingScreen

Route Structure

MAIN Graph Routes:

  • Start Destination: choose_service/1 (ChooseServiceScreen)
  • Other Routes:
    • buy_animals (BuyScreen)
    • create_profile/{name} (CreateProfileScreen)
    • etc.

AUTH Graph Routes:

  • Start Destination: landing (LandingScreen)
  • Other Routes:
    • sign_in (SignInScreen)
    • sign_up (SignUpScreen)
    • otp/{phoneNumber}/{name} (OTPScreen)
    • etc.

JWT Verification Logic

Backend (Node.js)

  1. Access tokens carry a token_version claim in the payload
  2. Middleware validates the signature, the expiry, and that token_version matches the user's current version (bumping the version revokes every outstanding access token)
  3. Refresh tokens rotate on each use (single-use)
  4. Refresh-token reuse detection: presenting an already-rotated token is treated as a replay
  5. Device binding enforced: a token is only accepted from the device it was issued to

Frontend (Android)

  1. Tokens stored in EncryptedSharedPreferences
  2. Auto-refresh on 401 responses (Ktor Auth plugin)
  3. Tokens saved synchronously (commit(), not apply()), so they are on disk before the process can be killed
  4. Network errors do not clear tokens; only a backend rejection that the refresh path cannot recover from should sign the user out
  5. Fast initial auth check: a synchronous check for stored tokens with no network round-trip, so the start destination is known before the first frame. Presence is not validity: an expired or revoked token is only detected on the first API call, and is then handled by the refresh path or by signing the user out

User Experience

Logged In User

  • App opens → ChooseServiceScreen (no landing screen flash)
  • Can select service type
  • Navigate to BuyScreen after selection

First Time User

  • App opens → LandingScreen
  • Can sign up or sign in
  • After login → Navigate to ChooseServiceScreen

Offline User (with valid tokens)

  • App opens → ChooseServiceScreen
  • Network error shown but user stays logged in
  • When online → Works normally

Testing

  1. Test Authenticated User:

    • Sign in to app
    • Close app completely
    • Reopen app
    • Should open directly to ChooseServiceScreen
  2. Test Unauthenticated User:

    • Clear app data or sign out
    • Open app
    • Should open to LandingScreen
  3. Test JWT Verification:

    • Valid tokens → ChooseServiceScreen
    • Expired access token, valid refresh token → silent refresh, user stays on ChooseServiceScreen
    • Expired or revoked refresh token → LandingScreen once the backend rejects the refresh
    • Invalid tokens (tampered, or stale token_version) → LandingScreen once the backend rejects them

Summary

Start route correctly set:

  • Authenticated users → ChooseServiceScreen (route: choose_service/1)
  • Unauthenticated users → LandingScreen (route: landing)

JWT and refresh token logic verified:

  • Signature, expiry, and token_version validation
  • Auto-refresh on 401 with refresh-token rotation and reuse detection
  • Device binding
  • Tokens encrypted at rest (EncryptedSharedPreferences) and persisted synchronously

The routing now correctly directs users based on their authentication status.