From e6267f13cf408aeff091f575e857ca01bf1bfeac Mon Sep 17 00:00:00 2001
From: Raymond Jacobson <ray@audius.co>
Date: Wed, 13 Mar 2024 10:48:03 -0700
Subject: [PATCH] [ONC-39] Check that signed in user matches wallet (#7812)

---
 packages/web/src/common/store/account/sagas.js | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/packages/web/src/common/store/account/sagas.js b/packages/web/src/common/store/account/sagas.js
index 861cba83edd..7d32555ce1b 100644
--- a/packages/web/src/common/store/account/sagas.js
+++ b/packages/web/src/common/store/account/sagas.js
@@ -179,8 +179,8 @@ export function* fetchAccountAsync({ isSignUp = false }) {
   const clientOrigin = isNativeMobile
     ? 'mobile'
     : isElectron
-    ? 'desktop'
-    : 'web'
+      ? 'desktop'
+      : 'web'
   fingerprintClient.identify(account.user_id, clientOrigin)
 
   yield call(recordIPIfNotRecent, account.handle)
@@ -192,13 +192,19 @@ export function* fetchAccountAsync({ isSignUp = false }) {
 
 export function* fetchLocalAccountAsync() {
   const localStorage = yield getContext('localStorage')
+  const audiusBackendInstance = yield getContext('audiusBackendInstance')
 
   yield put(accountActions.fetchAccountRequested())
 
+  const audiusLibs = yield call([audiusBackendInstance, audiusBackendInstance.getAudiusLibs])
+  const wallet = yield call([audiusLibs.web3Manager, audiusLibs.web3Manager.getWalletAddress])
   const cachedAccount = yield call([localStorage, 'getAudiusAccount'])
   const cachedAccountUser = yield call([localStorage, 'getAudiusAccountUser'])
   const currentUserExists = yield call([localStorage, 'getCurrentUserExists'])
-  if (cachedAccount && cachedAccountUser && !cachedAccountUser.is_deactivated) {
+
+  const walletMatches = wallet.toLowerCase() === cachedAccountUser.wallet.toLowerCase()
+
+  if (cachedAccount && cachedAccountUser && !cachedAccountUser.is_deactivated && walletMatches) {
     yield call(
       cacheAccount,
       { ...cachedAccountUser, local: true },