From ec2d76a9fe829bb66558c70ec500e202255e2258 Mon Sep 17 00:00:00 2001
From: Andrew Erickson <aerickson14@gmail.com>
Date: Sun, 2 May 2021 09:10:39 -0600
Subject: [PATCH] clear login credentials after any auth failure

---
 Xcodes/Backend/AppState.swift | 25 +++++++++++++------------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/Xcodes/Backend/AppState.swift b/Xcodes/Backend/AppState.swift
index d572dd7..659bef3 100644
--- a/Xcodes/Backend/AppState.swift
+++ b/Xcodes/Backend/AppState.swift
@@ -130,7 +130,7 @@ class AppState: ObservableObject {
         authError = nil
         signIn(username: username, password: password)
             .sink(
-                receiveCompletion: { _ in }, 
+                receiveCompletion: { _ in },
                 receiveValue: { _ in }
             )
             .store(in: &cancellables)
@@ -206,13 +206,8 @@ class AppState: ObservableObject {
     private func handleAuthenticationFlowCompletion(_ completion: Subscribers.Completion<Error>) {
         switch completion {
         case let .failure(error):
-            if case .invalidUsernameOrPassword = error as? AuthenticationError,
-               let username = savedUsername {
-                // remove any keychain password if we fail to log with an invalid username or password so it doesn't try again.
-                try? Current.keychain.remove(username)
-                Current.defaults.removeObject(forKey: "username")
-            }
-
+            // remove saved username and any stored keychain password if authentication fails so it doesn't try again.
+            clearLoginCredentials()
             Logger.appState.error("Authentication error: \(error.legibleDescription)")
             self.authError = error
         case .finished:
@@ -227,10 +222,7 @@ class AppState: ObservableObject {
     }
     
     func signOut() {
-        if let username = savedUsername {
-            try? Current.keychain.remove(username)
-        }
-        Current.defaults.removeObject(forKey: "username")
+        clearLoginCredentials()
         AppleAPI.Current.network.session.configuration.httpCookieStorage?.removeCookies(since: .distantPast)
         authenticationState = .unauthenticated
     }
@@ -567,6 +559,15 @@ class AppState: ObservableObject {
         .eraseToAnyPublisher()
     }
 
+    /// removes saved username and credentials stored in keychain
+    private func clearLoginCredentials() {
+        if let username = savedUsername {
+            try? Current.keychain.remove(username)
+        }
+        Current.defaults.removeObject(forKey: "username")
+
+    }
+
     // MARK: - Nested Types
 
     struct AlertContent: Identifiable {