messy logout fixing

frontend/src/store/authStore.ts

@@ -5,6 +5,7 @@
 import { create } from 'zustand';
 import { persist } from 'zustand/middleware';
 import { fetchAPI } from '../services/api';
+import { trackLogout } from '../services/logoutTracker';
 
 type AuthErrorCode = 'ACCOUNT_REQUIRED' | 'PLAN_REQUIRED' | 'AUTH_FAILED';
 
@@ -37,8 +38,8 @@ interface AuthState {
   loading: boolean;
   
   // Actions
-  login: (email: string, password: string) => Promise<void>;
-  logout: () => void;
+  login: (email: string, password: string, rememberMe?: boolean) => Promise<void>;
+  logout: (reason?: string, type?: 'USER_ACTION' | 'TOKEN_EXPIRED' | 'REFRESH_FAILED' | 'AUTH_ERROR' | 'UNKNOWN') => void;
   register: (data: any) => Promise<void>;
   setUser: (user: User | null) => void;
   setToken: (token: string | null) => void;
@@ -54,7 +55,7 @@ export const useAuthStore = create<AuthState>()(
       isAuthenticated: false,
       loading: false, // Always start with loading false - will be set true only during login/register
       
-      login: async (email, password) => {
+      login: async (email, password, rememberMe = false) => {
         set({ loading: true });
         try {
           const API_BASE_URL = import.meta.env.VITE_BACKEND_URL || 'https://api.igny8.com/api';
@@ -63,7 +64,12 @@ export const useAuthStore = create<AuthState>()(
             headers: {
               'Content-Type': 'application/json',
             },
-            body: JSON.stringify({ email, password }),
+            body: JSON.stringify({ 
+              email, 
+              password,
+              remember_me: rememberMe,
+              device_id: localStorage.getItem('device_id') || crypto.randomUUID()
+            }),
           });
 
           const data = await response.json();
@@ -143,7 +149,17 @@ export const useAuthStore = create<AuthState>()(
         }
       },
       
-      logout: () => {
+      logout: (reason = 'User clicked logout', type: 'USER_ACTION' | 'TOKEN_EXPIRED' | 'REFRESH_FAILED' | 'AUTH_ERROR' | 'UNKNOWN' = 'USER_ACTION') => {
+        // Track logout with detailed context
+        const currentState = get();
+        trackLogout(reason, type, {
+          hasToken: !!currentState.token,
+          hasRefreshToken: !!currentState.refreshToken,
+          isAuthenticated: currentState.isAuthenticated,
+          userId: currentState.user?.id,
+          userEmail: currentState.user?.email,
+        });
+        
         // CRITICAL: Properly clear ALL cookies to prevent session contamination
         const cookies = document.cookie.split(";");
         for (let i = 0; i < cookies.length; i++) {
@@ -167,8 +183,12 @@ export const useAuthStore = create<AuthState>()(
           }
         });
         
-        // Clear sessionStorage
+        // Clear sessionStorage (except logout tracking)
+        const logoutReason = sessionStorage.getItem('last_logout_reason');
         sessionStorage.clear();
+        if (logoutReason) {
+          sessionStorage.setItem('last_logout_reason', logoutReason);
+        }
         
         // Reset auth state to initial values
         set({