Problem
When logging into the mobile app, the UserProfile in local SQLite has empty Name and Email fields, even though the webapp (which reads from Identity claims) shows them correctly. The user logs in with the same credentials on both platforms.
Root Cause
The mobile login flow (IdentityAuthService.StoreTokens) sets active_profile_id from the auth response but never populates UserProfile.Name or UserProfile.Email from the JWT claims or auth response. The UserProfileRepository.GetOrCreateDefaultAsync() creates profiles with empty strings for these fields.
The webapp gets name/email from ClaimsPrincipal (server-side Identity), so it never has this problem. But the mobile app relies entirely on the local SQLite UserProfile row, which is never backfilled from auth data.
Expected Behavior
After login on mobile, the local UserProfile should have its Name and Email populated from the auth response (JWT claims contain both ClaimTypes.Email and ClaimTypes.Name). CoreSync should also sync profile changes bidirectionally so edits on either platform propagate.
Steps to Reproduce
- Register on webapp (name and email populated via Identity)
- Login on mobile app with same credentials
- Go to Profile page on mobile - Name and Email are empty
- Compare to webapp Profile page - Name and Email are correct
Suggested Fix
In IdentityAuthService.StoreTokens(), after setting active_profile_id, extract name/email from the JWT and update the local UserProfile if those fields are empty:
// After setting active_profile_id
var profile = await _userProfileRepo.GetAsync();
if (profile != null && string.IsNullOrEmpty(profile.Name))
{
var nameFromJwt = ExtractUserNameFromJwt(response.Token);
var emailFromJwt = new JwtSecurityToken(response.Token)
.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;
await _userProfileRepo.SaveAsync(profile);
}Context
Discovered during production data recovery (Postgres wipe incident). UserProfile row existed in SQLite with correct ID but empty Name/Email because it was created by GetOrCreateDefaultAsync() without auth data.
Problem
When logging into the mobile app, the UserProfile in local SQLite has empty Name and Email fields, even though the webapp (which reads from Identity claims) shows them correctly. The user logs in with the same credentials on both platforms.
Root Cause
The mobile login flow (
IdentityAuthService.StoreTokens) setsactive_profile_idfrom the auth response but never populatesUserProfile.NameorUserProfile.Emailfrom the JWT claims or auth response. TheUserProfileRepository.GetOrCreateDefaultAsync()creates profiles with empty strings for these fields.The webapp gets name/email from
ClaimsPrincipal(server-side Identity), so it never has this problem. But the mobile app relies entirely on the local SQLiteUserProfilerow, which is never backfilled from auth data.Expected Behavior
After login on mobile, the local
UserProfileshould have itsNameandEmailpopulated from the auth response (JWT claims contain bothClaimTypes.EmailandClaimTypes.Name). CoreSync should also sync profile changes bidirectionally so edits on either platform propagate.Steps to Reproduce
Suggested Fix
In
IdentityAuthService.StoreTokens(), after settingactive_profile_id, extract name/email from the JWT and update the localUserProfileif those fields are empty:Context
Discovered during production data recovery (Postgres wipe incident). UserProfile row existed in SQLite with correct ID but empty Name/Email because it was created by
GetOrCreateDefaultAsync()without auth data.