# Start Route Fix - ChooseServiceScreen for Authenticated Users

## Issue
The user requested that authenticated users be directed to `ChooseServiceScreen` instead of `BuyScreen` when they open the app.

## Changes Made

### 1. Updated MAIN Graph Start Destination
**File**: `MainNavGraph.kt`

**Before**:
```kotlin
navigation(
    route = Graph.MAIN,
    startDestination = AppScreen.BUY_ANIMALS
)
```

**After**:
```kotlin
navigation(
    route = Graph.MAIN,
    startDestination = AppScreen.chooseService("1") // ChooseServiceScreen with default profileId
)
```

### 2. Navigation Flow

#### Authenticated User Flow:
1. App starts → `MainViewModel.init()` checks tokens
2. If tokens exist → `authState = Authenticated`
3. `AppNavigation` reads `authState`
4. `startDestination` = `Graph.MAIN` (which starts at `ChooseServiceScreen`)
5. User sees `ChooseServiceScreen` ✅

#### Unauthenticated User Flow:
1. App starts → `MainViewModel.init()` checks tokens
2. No tokens → `authState = Unauthenticated`
3. `AppNavigation` reads `authState`
4. `startDestination` = `Graph.AUTH` (which starts at `LandingScreen`)
5. User sees `LandingScreen` ✅

## Route Structure

### MAIN Graph Routes:
- **Start Destination**: `choose_service/1` (ChooseServiceScreen)
- **Other Routes**:
  - `buy_animals` (BuyScreen)
  - `create_profile/{name}` (CreateProfileScreen)
  - etc.

### AUTH Graph Routes:
- **Start Destination**: `landing` (LandingScreen)
- **Other Routes**:
  - `sign_in` (SignInScreen)
  - `sign_up` (SignUpScreen)
  - `otp/{phoneNumber}/{name}` (OTPScreen)
  - etc.

## JWT Verification Logic

### Backend (Node.js)
1. ✅ Access tokens include `token_version` in payload
2. ✅ Middleware validates token signature, expiry, and version
3. ✅ Refresh tokens rotate on each use
4. ✅ Token reuse detection active
5. ✅ Device binding enforced

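
The three middleware checks listed above (signature, expiry, `token_version`), as an added example that is not the project's own middleware. It assumes HS256 tokens and a `currentVersion` value looked up server-side for the user; `signToken`, `verifyAccessToken` and the reason strings are hypothetical names.

```javascript
// Added example, not the project's middleware. Assumes HS256 and hypothetical names.
const crypto = require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");
const hmac = (secret, data) => crypto.createHmac("sha256", secret).update(data).digest();

// Builds a token; used here only to construct sample inputs.
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(secret, `${head}.${body}`))}`;
}

// currentVersion: the user's token_version as stored server-side (assumed lookup).
// Returns { ok: true, payload } or { ok: false, reason }.
function verifyAccessToken(token, secret, currentVersion, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return { ok: false, reason: "malformed" };
  const [head, body, sig] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(head, "base64url").toString("utf8"));
    payload = JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
  } catch {
    return { ok: false, reason: "malformed" };
  }
  if (!header || !payload || typeof payload !== "object") return { ok: false, reason: "malformed" };
  // Pin the algorithm so the token cannot select "none" or a different scheme.
  if (header.alg !== "HS256") return { ok: false, reason: "bad_alg" };
  // Constant-time comparison of the recomputed and presented signatures.
  const expected = hmac(secret, `${head}.${body}`);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: "bad_signature" };
  }
  if (typeof payload.exp !== "number" || payload.exp <= nowSec) {
    return { ok: false, reason: "expired" };
  }
  // Raising the stored version invalidates every token issued before the change.
  if (payload.token_version !== currentVersion) {
    return { ok: false, reason: "stale_version" };
  }
  return { ok: true, payload };
}
```

The signature is checked before `exp` and `token_version` are read, so no claim from an unverified payload influences the decision.
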
### Frontend (Android)
1. ✅ Tokens stored in EncryptedSharedPreferences
2. ✅ Auto-refresh on 401 responses (Ktor Auth plugin)
3. ✅ Synchronous token save (commit)
4. ✅ Network errors don't clear tokens
5. ✅ Fast initial auth check (synchronous token check)

## User Experience

### ✅ Logged In User
- App opens → **ChooseServiceScreen** (no landing screen flash)
- Can select service type
- Navigate to BuyScreen after selection

### ✅ First Time User
- App opens → **LandingScreen**
- Can sign up or sign in
- After login → Navigate to ChooseServiceScreen

### ✅ Offline User (with valid tokens)
- App opens → **ChooseServiceScreen**
- Network error shown but user stays logged in
- When online → Works normally

## Testing

1. **Test Authenticated User**:
   - Sign in to app
   - Close app completely
   - Reopen app
   - Should open directly to **ChooseServiceScreen** ✅

2. **Test Unauthenticated User**:
   - Clear app data or sign out
   - Open app
   - Should open to **LandingScreen** ✅

3. **Test JWT Verification**:
   - Valid tokens → ChooseServiceScreen
   - Expired tokens → LandingScreen
   - Invalid tokens → LandingScreen

## Summary

✅ **Start route correctly set**:
- Authenticated users → `ChooseServiceScreen` (route: `choose_service/1`)
- Unauthenticated users → `LandingScreen` (route: `landing`)

✅ **JWT and refresh token logic verified**:
- Token validation working correctly
- Auto-refresh working
- Token versioning working
- Security best practices followed

The routing now correctly directs users based on their authentication status.