fix(auth): clear token from SharedPreferences on logout

[may-tas]

Fixes #536

Describe the changes you have made in this PR -

• Added a null check in lib/services/local_storage_service.dart at the beginning of _saveToDisk().
• Previously, null values were ignored because they failed the content is String check, resulting in tokens never actually being removed from SharedPreferences when a user logged out.
• Now, passing null correctly triggers _preferences!.remove(key) directly.

Screenshots of the changes (If any) -
N/A

Summary by CodeRabbit

• Bug Fixes
  • Improved local storage handling to properly clear stored data when needed.

[netlify]

✅ Deploy Preview for cv-mobile-app-web ready!

Name	Link
🔨 Latest commit	edecd09
🔍 Latest deploy log	https://app.netlify.com/projects/cv-mobile-app-web/deploys/69bbc5d4a89e11000802a4e5
😎 Deploy Preview	https://deploy-preview-538--cv-mobile-app-web.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[coderabbitai]

Walkthrough

The LocalStorageService._saveToDisk method now explicitly handles null content values. When content is null, the method removes the corresponding key from SharedPreferences and returns early, rather than attempting to process the value through type-specific set operations. Non-null content handling remains unchanged. This resolves a security issue where null values assigned during logout were not being cleared from persistent storage.

Suggested labels

potential-ai-slop

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix(auth): clear token from SharedPreferences on logout' accurately describes the main change: adding null handling to remove tokens on logout.
Linked Issues check	✅ Passed	The PR implements the required fix from issue #536: adding null check in _saveToDisk() to call _preferences!.remove(key) when content is null, ensuring tokens are removed on logout.
Out of Scope Changes check	✅ Passed	All changes are strictly in-scope, modifying only lib/services/local_storage_service.dart to handle null values as required by issue #536.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

You can generate walkthrough in a markdown collapsible section to save space.

Enable the reviews.collapse_walkthrough setting to generate walkthrough in a markdown collapsible section.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

lib/services/local_storage_service.dart (1)

82-84: ⚠️ Potential issue | 🟠 Major

currentUser setter won't remove the key on logout due to json.encode(null) returning "null" string.

When userToSave is null, json.encode(userToSave?.toJson()) evaluates to json.encode(null), which returns the literal string "null" (not actual null). This non-null string is then saved to SharedPreferences, bypassing the new removal logic.

While the getter handles the 'null' string check, the user data isn't actually removed from persistent storage, which contradicts the PR objective of preventing identity leaks.

🔒 Proposed fix to ensure key removal when user is null

 set currentUser(User? userToSave) {
-  _saveToDisk(USER, json.encode(userToSave?.toJson()));
+  _saveToDisk(USER, userToSave == null ? null : json.encode(userToSave.toJson()));
 }

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 555fff4c-ae1e-462e-af1a-0c0ceb0a97f3

📥 Commits

Reviewing files that changed from the base of the PR and between f621531 and edecd09.

📒 Files selected for processing (1)

• lib/services/local_storage_service.dart