From 750423ce6cab76ae4c542dddfa5da0d579c83e22 Mon Sep 17 00:00:00 2001 From: Mohammad Jafarinejad <71210799+mohammadjafarinejad@users.noreply.github.com> Date: Sat, 21 Feb 2026 10:50:30 +0400 Subject: [PATCH] fix: Login: Refreshing "Enter 2FA code" page shows empty Sign In screen --- src/libs/actions/SignInRedirect.ts | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/src/libs/actions/SignInRedirect.ts b/src/libs/actions/SignInRedirect.ts index 38478e1b499ff..26270fc5715fa 100644 --- a/src/libs/actions/SignInRedirect.ts +++ b/src/libs/actions/SignInRedirect.ts @@ -11,6 +11,8 @@ import {clearAllPolicies} from './Policy/Policy'; let currentIsOffline: boolean | undefined; let currentShouldForceOffline: boolean | undefined; let currentIsUsingImportedState: boolean | undefined; +let currentSessionAuthToken: string | undefined; +let currentCredentialsValidateCode: string | undefined; // We use connectWithoutView here because we only need to track network state for sign-in redirect logic, which is not connected to any changes on the UI layer Onyx.connectWithoutView({ @@ -28,6 +30,20 @@ Onyx.connectWithoutView({ }, }); +Onyx.connectWithoutView({ + key: ONYXKEYS.SESSION, + callback: (session) => { + currentSessionAuthToken = session?.authToken; + }, +}); + +Onyx.connectWithoutView({ + key: ONYXKEYS.CREDENTIALS, + callback: (credentials) => { + currentCredentialsValidateCode = credentials?.validateCode; + }, +}); + function clearStorageAndRedirect(errorMessage?: string): Promise { // Under certain conditions, there are key-values we'd like to keep in storage even when a user is logged out. // We pass these into the clear() method in order to avoid having to reset them on a delayed tick and getting @@ -54,6 +70,15 @@ function clearStorageAndRedirect(errorMessage?: string): Promise { keysToPreserve.push(ONYXKEYS.NETWORK); } + // When the user is in the middle of a 2FA sign-in flow (they've entered their magic code but not yet completed + // 2FA), we want to preserve their credentials and account state so that after a page refresh they are still + // prompted to enter their 2FA code rather than being sent back to the initial sign-in page. + const isIncompleteSignIn = !currentSessionAuthToken && !!currentCredentialsValidateCode; + if (isIncompleteSignIn) { + keysToPreserve.push(ONYXKEYS.CREDENTIALS); + keysToPreserve.push(ONYXKEYS.ACCOUNT); + } + return Onyx.clear(keysToPreserve).then(() => { if (CONFIG.IS_HYBRID_APP) { resetSignInFlow();