Add multi-account auth support with quick account switcher UI

[Kief5555]

FIXES FOR #344

🚀 Multi-Account Switcher (Quick Account Switching)

Overview

This PR introduces a multi-account system that allows users to manage and switch between multiple accounts seamlessly without re-entering credentials.

---

✨ Features

• Multi-account support

  • Store multiple authenticated sessions
  • Track and switch active account

• Quick account switching

  • Instantly switch accounts using stored refresh tokens
  • No password re-entry required

• Account management UI

  • Dropdown menu in navbar
  • View all saved accounts with profile info
  • Active account indicator
  • Remove individual accounts
  • Add new accounts
  • Sign out of all accounts

---

🛠️ Technical Changes

Backend (AuthService)

• Migrated from single session → multiple sessions (Map<string, AuthSession>)

• Added:

  • getSavedAccounts()
  • switchAccount(userId)
  • removeAccount(userId)
  • logoutAll()

• Added session persistence with activeUserId

• Implemented backward compatibility for old session format

IPC & API

• New IPC channels:

  • auth:get-saved-accounts
  • auth:switch-account
  • auth:remove-account

• Extended preload API for account operations

Frontend

• Navbar dropdown for account switching
• Integrated state management in App.tsx
• Handlers for switching, adding, and removing accounts

Styling

• Added dropdown UI with dark theme support
• Tier badges and interactive states

---

🔁 Behavior

• New logins are added (not replaced)
• Switching accounts validates/refreshes tokens
• Invalid sessions are automatically removed
• “Sign out all” clears all stored sessions

---

✅ Testing

• Verified multi-account login flow
• Tested switching without password prompts
• Confirmed account removal and full logout
• Build, typecheck, and tests all passing

---

📌 Notes

This implementation is backward-compatible and migrates existing single-session users automatically.

[Copilot]

Pull request overview

Adds multi-account authentication to OpenNOW (main process AuthService + shared IPC/contract + preload API) and exposes it in the renderer via a quick account switcher dropdown in the navbar, enabling switching/removing accounts and signing out of all accounts without re-entering credentials.

Changes:

• Extend shared IPC channels and OpenNowApi contract to support saved accounts, switching, removal, and logout-all.
• Implement multi-session persistence and account switching/removal logic in AuthService, wired through main IPC handlers and preload.
• Add renderer state + navbar dropdown UI (with styling) for switching/managing accounts, including new confirmation flow for removing an account.

Reviewed changes

Copilot reviewed 8 out of 8 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
opennow-stable/src/shared/ipc.ts	Adds new IPC channel constants for multi-account operations.
opennow-stable/src/shared/gfn.ts	Extends shared types (SavedAccount) and OpenNowApi with multi-account methods.
opennow-stable/src/preload/index.ts	Exposes new auth/account APIs to the renderer via window.openNow.
opennow-stable/src/main/index.ts	Registers new IPC handlers that delegate to AuthService.
opennow-stable/src/main/gfn/auth.ts	Migrates auth state from single-session to multi-session with persistence and account operations.
opennow-stable/src/renderer/src/components/Navbar.tsx	Implements account switcher dropdown UI and wires callbacks.
opennow-stable/src/renderer/src/App.tsx	Adds saved-account state, account switching/removal flows, and logout-all integration.
opennow-stable/src/renderer/src/styles.css	Adds styles for the account switcher dropdown and interactions.
opennow-stable/package.json	Bumps app version.
README.md	Adds TestFlight badge and lists iOS as a packaging target.

Comments suppressed due to low confidence (2)

opennow-stable/src/renderer/src/App.tsx:2452

• After removing an account, refreshNavbarActiveSession(sessionResult.session, sessionResult.session.provider.streamingServiceUrl) forces the provider base URL and can ignore a user-selected settings.region. This can make the navbar active-session query inconsistent with the rest of the app when a region override is set.

Suggestion: call refreshNavbarActiveSession(sessionResult.session) without passing streamingServiceUrl as an override (or compute an override that respects settings.region).

    setSelectedGameId("");
  }, [resetLaunchRuntime]);

  // Logout handler

opennow-stable/src/renderer/src/App.tsx:2463

• confirmRemoveAccount performs multiple awaited IPC calls but doesn’t have any error handling. Since it’s triggered via void confirmRemoveAccount() (button click / Enter key handler), any thrown error will become an unhandled promise rejection and the UI state has already been mutated (modal closed, accountToRemove cleared).

Suggestion: add a try/catch around the removal + refresh sequence, and consider restoring the modal/state or surfacing an error message when removal fails.

    setGames([]);
    setLibraryGames([]);
    setVariantByGameId({});
    resetLaunchRuntime();
    setNavbarActiveSession(null);
    setIsResumingNavbarSession(false);
    setSubscriptionInfo(null);
    setCurrentPage("home");
    setCatalogFilterGroups([]);
    setCatalogSortOptions([]);
    setCatalogSelectedSortId("relevance");
    setCatalogSelectedFilterIds([]);
    setCatalogTotalCount(0);
    setCatalogSupportedCount(0);
    setSelectedGameId("");
  }, [resetLaunchRuntime]);

  // Logout handler
  const handleLogout = useCallback(() => {
    setLogoutConfirmOpen(true);
  }, []);

  // Load games handler
  const loadGames = useCallback(async (targetSource: "main" | "library") => {
    setIsLoadingGames(true);
    try {
      const token = authSession?.tokens.idToken ?? authSession?.tokens.accessToken;
      const baseUrl = effectiveStreamingBaseUrl;
      if (!token) {

[Copilot]

In ensureValidSessionWithStatus, applyRefreshedTokens writes the refreshed session back into this.sessions keyed by updatedSession.user.userId, but it never updates activeUserId if fetchUserInfo returns a different user than the currently-active session (when expectedUserId is not provided). That can leave activeUserId pointing at an entry whose tokens were never updated, while the refreshed tokens are stored under a different key, causing this.getSession() (and the returned session) to remain stale/expired.

Consider always enforcing that resolvedUser.userId matches the current session’s userId (or default expectedUserId to currentSession.user.userId), and/or updating activeUserId to the refreshed user when you intentionally allow identity changes.

[Copilot]

handleSwitchAccount calls refreshNavbarActiveSession(session, session.provider.streamingServiceUrl). Passing the provider URL as an override bypasses the user-selected settings.region (since refreshNavbarActiveSession will always use the override), so the navbar active-session query may hit the wrong base URL when a custom region is set.

Suggestion: call refreshNavbarActiveSession(session) without the override (or pass an override that respects settings.region), since refreshNavbarActiveSession already derives the correct base URL from settings.region + the provided session.

[Copilot]

In the handleSwitchAccount failure path, refreshNavbarActiveSession(sessionResult.session, sessionResult.session.provider.streamingServiceUrl) has the same issue as the success path: the explicit override forces the provider base URL and ignores a user-selected settings.region, so the navbar active-session refresh may query the wrong endpoint.

Suggestion: call refreshNavbarActiveSession(sessionResult.session) without the override (or compute an override that respects settings.region).

[Copilot]

handleSwitchAccount is passed down to Navbar as onSwitchAccount, and the navbar calls it without awaiting. In the catch block here, several awaited operations (getAuthSession, loadSessionRuntimeData, refreshNavbarActiveSession) can still throw; if they do, the resulting rejected promise will be unhandled in the renderer.

Suggestion: wrap the recovery logic in its own try/catch (and ensure this handler always resolves), or handle the returned promise at the call site (e.g., void onSwitchAccount(...) plus centralized error handling).

[Copilot]

The account switcher trigger/dropdown is implemented as a menu-like control, but it uses aria-haspopup="dialog" and the popup uses role="dialog". This is likely to be announced incorrectly by assistive tech (it’s not a modal dialog, and the contents are a list of choices + actions).

Suggestion: use menu semantics (aria-haspopup="menu", role="menu" / role="menuitem") or otherwise align ARIA roles/attributes with the actual interaction pattern.

[capy-ai]

Added 1 comment

[Copilot]

Pull request overview

Copilot reviewed 9 out of 9 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (1)

opennow-stable/src/renderer/src/App.tsx:2454

• confirmLogout now calls window.openNow.logoutAll() but does not handle failures. Since it is invoked via void confirmLogout() (click/Enter handler), a thrown error will surface as an unhandled promise rejection and the UI/state will already have dismissed the modal. Consider wrapping the IPC call + state resets in try/catch and only clearing local state after the IPC succeeds (or restore state / show an error if it fails).

  const confirmLogout = useCallback(async () => {
    setLogoutConfirmOpen(false);
    await window.openNow.logoutAll();
    setAuthSession(null);
    setSavedAccounts([]);
    setGames([]);
    setLibraryGames([]);
    setVariantByGameId({});
    resetLaunchRuntime();
    setNavbarActiveSession(null);
    setIsResumingNavbarSession(false);
    setSubscriptionInfo(null);
    setCurrentPage("home");
    setCatalogFilterGroups([]);
    setCatalogSortOptions([]);
    setCatalogSelectedSortId("relevance");
    setCatalogSelectedFilterIds([]);
    setCatalogTotalCount(0);
    setCatalogSupportedCount(0);
    setSelectedGameId("");
  }, [resetLaunchRuntime]);

[Copilot]

During initialization, getSavedAccounts() is awaited after the Promise.all that loads providers/session. This makes startup slower than necessary because the accounts fetch could run in parallel with the other two IPC calls. Consider including window.openNow.getSavedAccounts() in the same Promise.all and destructuring all three results.

Suggested change

	// Load providers and session (refresh only if token is near expiry)
	setStartupStatusMessage("Restoring saved session...");
	const [providerList, sessionResult] = await Promise.all([
	window.openNow.getLoginProviders(),
	window.openNow.getAuthSession(),
	]);
	const accounts = await window.openNow.getSavedAccounts();
	// Load providers, session, and saved accounts in parallel (refresh only if token is near expiry)
	setStartupStatusMessage("Restoring saved session...");
	const [providerList, sessionResult, accounts] = await Promise.all([
	window.openNow.getLoginProviders(),
	window.openNow.getAuthSession(),
	window.openNow.getSavedAccounts(),
	]);

[Copilot]

The account dropdown is exposed as an ARIA menu (aria-haspopup="menu", role="menu"), but there is no keyboard handling to dismiss it (e.g., Escape) or manage focus within the menu. This makes the new switcher hard to use with keyboard-only navigation and diverges from expected menu behavior. Consider adding an onKeyDown handler (Escape to close, arrow-key navigation if keeping role="menu") and/or simplifying the semantics (e.g., treat it as a list of buttons without role="menu").

[Copilot]

AuthService.setSession() is added as a public method but doesn't appear to be used anywhere in the codebase. If it isn't part of an intended external API, consider removing it or making it private to avoid carrying unused surface area (especially now that setSession(null) clears all stored sessions).

Suggested change

	setSession(session: AuthSession | null): void {
	if (!session) {
	this.sessions.clear();
	this.activeUserId = null;
	this.selectedProvider = defaultProvider();
	this.clearSubscriptionCache();
	this.clearVpcCache();
	void this.persist();
	return;
	}
	const normalized: AuthSession = {
	...session,
	provider: normalizeProvider(session.provider),
	};
	this.sessions.set(normalized.user.userId, normalized);
	this.activeUserId = normalized.user.userId;
	this.selectedProvider = normalized.provider;
	this.clearSubscriptionCache();
	this.clearVpcCache();
	void this.persist();
	}