Fix: Prevent storage wipe and logout on failed account deletion

[fork-boy]

Fixed the promise chain order in deleteAccount inside DangerZoneTab. Previously, .catch() was placed before .then(), which caused a subtle but critical bug — when .catch() handles a rejection it returns a resolved promise, so .then() would always execute regardless of whether the API call succeeded or failed.

Changes

• Moved .catch((error) => reject(error)) to after .then() in the deleteAccount promise chain
• localStorage.clear(), sessionStorage.clear(), and logout() now only run after the server confirms successful account deletion
• No behavior change on the happy path — only the failure path is fixed

This makes the deletion flow safe: if the API returns an error, the user stays logged in with storage intact and sees the error notification instead of being silently wiped and logged out.

Before:

.del()
  .catch((error) => reject(error))       // swallows rejection → returns resolved
  .then(() => { localStorage.clear(); logout(); }) // always runs, even on failure ❌

After:

.del()
  .then(() => { localStorage.clear(); logout(); }) // only runs on API success ✅
  .catch((error) => reject(error))       // only runs on failure, storage untouched ✅

Summary by CodeRabbit

• Bug Fixes
  • Fixed account deletion process to ensure browser data is cleared only after deletion is successfully confirmed, preventing potential data inconsistencies.

[coderabbitai]

📝 Walkthrough

Walkthrough

The account deletion promise chain in DangerZoneTab.tsx was reordered to ensure browser storage clears only after the deletion API call succeeds. The error handler moved from before the success handler to after it, guaranteeing storage clearing, logout, and resolution occur as a unified success path following confirmed deletion.

Changes

Cohort / File(s)	Summary
Promise Handler Reordering src/modules/settings/DangerZoneTab.tsx	Reordered promise chain so .catch() error handler follows .then() success handler instead of preceding it, ensuring storage clearing, logout, and resolution only execute after successful deletion confirmation.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 A promise waits, then clears the way,
Delete confirmed—no more delay!
Storage fades when success rings true,
Hop along to paths anew. 🗑️✨

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	The description is mostly complete with clear explanation of the bug and changes, but lacks required sections from the template: issue ticket number and documentation selection.	Add the issue ticket number/link and select one of the documentation options (added/updated or not needed with explanation) from the template.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main bug fix: preventing storage wipe and logout when account deletion fails.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Fixes the account-deletion flow in Settings → Danger Zone so client-side logout and browser storage clearing only occur after the server confirms the account was successfully deleted, preventing accidental logout/storage wipe on API failure.

Changes:

• Reordered the deleteRequest.del() promise chain so .then() runs only on successful deletion and .catch() handles failures.
• Ensured localStorage.clear(), sessionStorage.clear(), and logout() are executed only after confirmed account deletion.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/modules/settings/DangerZoneTab.tsx`:
- Around line 37-38: The deletion flow in DangerZoneTab.tsx currently calls
logout().then(); and immediately calls resolve(), which doesn't wait for logout
to finish; change the handler so you await logout() (or chain
logout().then(...)) before calling resolve(), and handle errors by rejecting or
catching and logging so failures during logout don't get ignored—update the code
that invokes logout() and resolve() (the promise resolution logic) to await
logout(), then call resolve(), or call logout().then(resolve).catch(reject) /
log as appropriate.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c27065f9-9aa7-4c20-9734-16182ee41262

📥 Commits

Reviewing files that changed from the base of the PR and between 9addc18 and 3c38e6b.

📒 Files selected for processing (1)

• src/modules/settings/DangerZoneTab.tsx