From 65f4aaffe03058b7121dcb2592a0459fcbe44136 Mon Sep 17 00:00:00 2001
From: Bas van den Aakster <bvdaakster@gmail.com>
Date: Fri, 14 Nov 2025 19:05:44 +0100
Subject: [PATCH] Fix authentication check and credential validation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add authentication check before allowing peer discovery
- Validate stored credentials have required fields (peerId, secret)
- Remove invalid/corrupted credentials from localStorage
- Show clear error message when trying to discover without auth

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 src/App.jsx | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/src/App.jsx b/src/App.jsx
index 9b4b6c5..7dea838 100644
--- a/src/App.jsx
+++ b/src/App.jsx
@@ -46,10 +46,26 @@ export default function App() {
   useEffect(() => {
     const saved = localStorage.getItem('rondevu-credentials');
     if (saved) {
-      const creds = JSON.parse(saved);
-      setCredentials(creds);
-      setClient(new Rondevu({baseUrl: API_URL, credentials: creds}));
-      setStatus('Registered (from storage)');
+      try {
+        const creds = JSON.parse(saved);
+        // Validate credentials have required fields
+        if (creds && creds.peerId && creds.secret) {
+          setCredentials(creds);
+          setClient(new Rondevu({baseUrl: API_URL, credentials: creds}));
+          setStatus('Registered (from storage)');
+        } else {
+          // Invalid credentials, remove them
+          localStorage.removeItem('rondevu-credentials');
+          setClient(new Rondevu({baseUrl: API_URL}));
+          setStatus('Not registered');
+        }
+      } catch (err) {
+        // Corrupted credentials, remove them
+        console.error('Failed to load credentials:', err);
+        localStorage.removeItem('rondevu-credentials');
+        setClient(new Rondevu({baseUrl: API_URL}));
+        setStatus('Not registered');
+      }
     } else {
       setClient(new Rondevu({baseUrl: API_URL}));
     }
@@ -138,6 +154,11 @@ export default function App() {
   const handleDiscoverPeers = async () => {
     if (!client) return;
 
+    if (!client.isAuthenticated()) {
+      toast.error('Please register first!');
+      return;
+    }
+
     try {
       const offers = await client.offers.findByTopic(searchTopic.trim(), {limit: 50});
       setDiscoveredOffers(offers);