fix: sign out if wallet is switched (#1553)

* 🧼 sign out if wallet is switched * ✨ npx changesets * quick comment * quick comment fix * 🧼 import types from wagmi only * chore: changeset tweak --------- Co-authored-by: Daniel Sinclair <[email protected]>
rainbow-me · Oct 11, 2023 · 7d97860 · 7d97860 · vercel · Oct 11, 2023
1 parent cd5abee
commit 7d97860
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 2 deletions.
diff --git a/.changeset/polite-maps-decide.md b/.changeset/polite-maps-decide.md
@@ -0,0 +1,5 @@
+---
+"@rainbow-me/rainbowkit": patch
+---
+
+Fixed an issue where a user would not get automatically logged out from the Authentication API after switching their wallet in MetaMask or other browser wallets. Users must now sign a new SIWE message after switching wallets.
diff --git a/packages/rainbowkit/src/components/RainbowKitProvider/AuthenticationContext.tsx b/packages/rainbowkit/src/components/RainbowKitProvider/AuthenticationContext.tsx
@@ -6,7 +6,7 @@ import React, {
   useMemo,
   useRef,
 } from 'react';
-import { useAccount } from 'wagmi';
+import { ConnectorData, useAccount } from 'wagmi';
 
 export type AuthenticationStatus =
   | 'loading'
@@ -55,7 +55,7 @@ export function RainbowKitAuthenticationProvider<Message = unknown>({
 }: RainbowKitAuthenticationProviderProps<Message>) {
   // When the wallet is disconnected, we want to tell the auth
   // adapter that the user session is no longer active.
-  useAccount({
+  const { connector } = useAccount({
     onDisconnect: () => {
       adapter.signOut();
     },
@@ -77,6 +77,27 @@ export function RainbowKitAuthenticationProvider<Message = unknown>({
     }
   }, [status, adapter, isDisconnected]);
 
+  const handleChangedAccount = ({ account }: ConnectorData) => {
+    // Only if account is changed then signOut
+    if (account) adapter.signOut();
+  };
+
+  // Wait for user authentication before listening to "change" event.
+  // Avoid listening immediately after wallet connection due to potential SIWE authentication delay.
+  // Ensure to turn off the "change" event listener for cleanup.
+  // biome-ignore lint/nursery/useExhaustiveDependencies: <explanation>
+  useEffect(() => {
+    if (connector && status === 'authenticated') {
+      // Attach the event listener when status is 'authenticated'
+      connector.on('change', handleChangedAccount);
+
+      // Cleanup function to remove the event listener
+      return () => {
+        connector?.off('change', handleChangedAccount);
+      };
+    }
+  }, [connector, status]);
+
   return (
     <AuthenticationContext.Provider
       value={useMemo(