From 8cc8a465c7b670d7f405a59e995032872eb3684d Mon Sep 17 00:00:00 2001
From: Alex Gleason <alex@alexgleason.me>
Date: Fri, 9 Jul 2021 16:24:18 -0500
Subject: [PATCH] Auth: sanitize the initial state

---
 app/soapbox/reducers/auth.js | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/app/soapbox/reducers/auth.js b/app/soapbox/reducers/auth.js
index 60b182604..29bc8fcd8 100644
--- a/app/soapbox/reducers/auth.js
+++ b/app/soapbox/reducers/auth.js
@@ -83,6 +83,24 @@ const migrateLegacy = state => {
   });
 };
 
+// Checks the state and makes it valid
+const sanitizeState = state => {
+  return state.withMutations(state => {
+    // Remove invalid users, ensure ID match
+    state.update('users', ImmutableMap(), users => (
+      users.filter((user, id) => (
+        validUser(user) && user.get('id') === id
+      ))
+    ));
+    // Remove mismatched tokens
+    state.update('tokens', ImmutableMap(), tokens => (
+      tokens.filter((token, id) => (
+        validId(id) && token.get('access_token') === id
+      ))
+    ));
+  });
+};
+
 const persistAuth = state => localStorage.setItem('soapbox:auth', JSON.stringify(state.toJS()));
 
 const persistSession = state => {
@@ -102,6 +120,7 @@ const initialize = state => {
     maybeShiftMe(state);
     setSessionUser(state);
     migrateLegacy(state);
+    sanitizeState(state);
     persistState(state);
   });
 };