From 3d94b2a92d69f6dc4166d4fb7bba4cf8d8df9d62 Mon Sep 17 00:00:00 2001
From: Tomasz Lesniakiewicz <tlesniakiewicz@gmail.com>
Date: Mon, 12 Jan 2026 15:02:53 +0100
Subject: [PATCH] Prevent reauthentication if credentials are missing

---
 src/libs/Authentication.ts | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/libs/Authentication.ts b/src/libs/Authentication.ts
index 51dcf99b42cd0..72523a294faf2 100644
--- a/src/libs/Authentication.ts
+++ b/src/libs/Authentication.ts
@@ -130,6 +130,14 @@ function reauthenticate(command = ''): Promise<boolean> {
         const partnerName = shouldUseNewPartnerName ? CONFIG.EXPENSIFY.PARTNER_NAME : CONFIG.EXPENSIFY.LEGACY_PARTNER_NAME;
         const partnerPassword = shouldUseNewPartnerName ? CONFIG.EXPENSIFY.PARTNER_PASSWORD : CONFIG.EXPENSIFY.LEGACY_PARTNER_PASSWORD;
 
+        // Prevent reauthentication if credentials are missing (e.g. after sign out)
+        if (!credentials?.autoGeneratedLogin || !credentials?.autoGeneratedPassword) {
+            Log.info('Reauthenticate - No credentials available, redirecting to sign in');
+            setIsAuthenticating(false);
+            redirectToSignIn('No credentials available');
+            return false;
+        }
+
         Log.info(`Reauthenticate - re-authenticating with ${shouldUseNewPartnerName ? 'new' : 'old'} partner name`);
 
         Log.hmmm('Reauthenticate - Starting authentication process', {
@@ -140,8 +148,8 @@ function reauthenticate(command = ''): Promise<boolean> {
             useExpensifyLogin: false,
             partnerName,
             partnerPassword,
-            partnerUserID: credentials?.autoGeneratedLogin,
-            partnerUserSecret: credentials?.autoGeneratedPassword,
+            partnerUserID: credentials.autoGeneratedLogin,
+            partnerUserSecret: credentials.autoGeneratedPassword,
         }).then((response) => {
             if (!response) {
                 return false;