elie222 · elie222 · Nov 1, 2025 · Nov 1, 2025 · Nov 1, 2025 · Nov 1, 2025
diff --git a/apps/web/providers/EmailAccountProvider.tsx b/apps/web/providers/EmailAccountProvider.tsx
@@ -57,7 +57,7 @@ export function EmailAccountProvider({
 
   useEffect(() => {
     if (emailAccountId) {
-      setLastEmailAccountAction(emailAccountId);
+      setLastEmailAccountAction({ emailAccountId });
     }
   }, [emailAccountId]);
 

diff --git a/apps/web/utils/account.ts b/apps/web/utils/account.ts
@@ -1,3 +1,5 @@
+import { notFound } from "next/navigation";
+import { cookies } from "next/headers";
 import { auth } from "@/utils/auth";
 import {
   getGmailClientWithRefresh,
@@ -9,8 +11,10 @@ import {
 } from "@/utils/outlook/client";
 import { redirect } from "next/navigation";
 import prisma from "@/utils/prisma";
-import { notFound } from "next/navigation";
-import { getLastEmailAccountFromCookie } from "@/utils/actions/email-account-cookie";
+import {
+  LAST_EMAIL_ACCOUNT_COOKIE,
+  type LastEmailAccountCookieValue,
+} from "@/utils/cookies";
 
 export async function getGmailClientForEmail({
   emailAccountId,
@@ -118,7 +122,7 @@ export async function redirectToEmailAccountPath(path: `/${string}`) {
   const userId = session?.user.id;
   if (!userId) throw new Error("Not authenticated");
 
-  const lastEmailAccountId = await getLastEmailAccountFromCookie();
+  const lastEmailAccountId = await getLastEmailAccountFromCookie(userId);
 
   let emailAccountId = lastEmailAccountId;
 
@@ -138,3 +142,28 @@ export async function redirectToEmailAccountPath(path: `/${string}`) {
 
   redirect(redirectUrl);
 }
+
+async function getLastEmailAccountFromCookie(
+  userId: string,
+): Promise<string | null> {
+  try {
+    const cookieStore = await cookies();
+    const cookieValue = cookieStore.get(LAST_EMAIL_ACCOUNT_COOKIE)?.value;
+    if (!cookieValue) return null;
+
+    // Handle backward compatibility: old cookies stored just the emailAccountId as a plain string
+    // New cookies store JSON with { userId, emailAccountId }
+    try {
+      const parsed = JSON.parse(cookieValue) as LastEmailAccountCookieValue;
+      // Validate userId matches to prevent stale data
+      if (parsed.userId !== userId) return null;
+      return parsed.emailAccountId;
+    } catch {
+      // If JSON parse fails, it's an old-format cookie (plain emailAccountId string)
+      // Return it as-is (the caller will still validate the user owns this account)
+      return cookieValue;
+    }
+  } catch {
+    return null;
+  }
+}
diff --git a/apps/web/utils/actions/email-account-cookie.ts b/apps/web/utils/actions/email-account-cookie.ts
@@ -1,27 +1,45 @@
 "use server";
 
+import { z } from "zod";
 import { cookies } from "next/headers";
-import { LAST_EMAIL_ACCOUNT_COOKIE } from "@/utils/cookies";
+import {
+  LAST_EMAIL_ACCOUNT_COOKIE,
+  type LastEmailAccountCookieValue,
+} from "@/utils/cookies";
+import { actionClientUser } from "@/utils/actions/safe-action";
 
 /**
  * Sets a cookie with the last selected email account ID.
  * This is used when emailAccountId is not provided in the URL.
  */
-export async function setLastEmailAccountAction(emailAccountId: string) {
-  const cookieStore = await cookies();
+export const setLastEmailAccountAction = actionClientUser
+  .metadata({ name: "setLastEmailAccount" })
+  .inputSchema(z.object({ emailAccountId: z.string() }))
+  .action(async ({ ctx: { userId }, parsedInput: { emailAccountId } }) => {
+    const cookieStore = await cookies();
 
-  cookieStore.set(LAST_EMAIL_ACCOUNT_COOKIE, emailAccountId, {
-    path: "/",
-    maxAge: 60 * 60 * 24 * 365, // 1 year
-    sameSite: "lax",
-    httpOnly: true,
-    secure: process.env.NODE_ENV === "production",
+    const cookieValue: LastEmailAccountCookieValue = {
+      userId,
+      emailAccountId,
+    };
+    const value = JSON.stringify(cookieValue);
+
+    cookieStore.set(LAST_EMAIL_ACCOUNT_COOKIE, value, {
+      path: "/",
+      maxAge: 60 * 60 * 24 * 365, // 1 year
+      sameSite: "lax",
+      httpOnly: true,
+      secure: process.env.NODE_ENV === "production",
+    });
   });
-}
 
-// Not secure. Only used for redirects. Still requires checking user owns the account.
-export async function getLastEmailAccountFromCookie(): Promise<string | null> {
-  const cookieStore = await cookies();
-  const value = cookieStore.get(LAST_EMAIL_ACCOUNT_COOKIE)?.value;
-  return value || null;
-}
+/**
+ * Clears the last email account cookie.
+ * Called on logout to prevent stale account IDs when switching users.
+ */
+export const clearLastEmailAccountAction = actionClientUser
+  .metadata({ name: "clearLastEmailAccount" })
+  .action(async () => {
+    const cookieStore = await cookies();
+    cookieStore.delete(LAST_EMAIL_ACCOUNT_COOKIE);
+  });
diff --git a/apps/web/utils/cookies.ts b/apps/web/utils/cookies.ts
@@ -3,6 +3,11 @@ export const REPLY_ZERO_ONBOARDING_COOKIE = "viewed_reply_zero_onboarding";
 export const INVITATION_COOKIE = "invitation_id";
 export const LAST_EMAIL_ACCOUNT_COOKIE = "last_email_account_id";
 
+export type LastEmailAccountCookieValue = {
+  userId: string;
+  emailAccountId: string;
+};
+
 export function markOnboardingAsCompleted(cookie: string) {
   document.cookie = `${cookie}=true; path=/; max-age=${Number.MAX_SAFE_INTEGER}; SameSite=Lax`;
 }

diff --git a/apps/web/utils/user.ts b/apps/web/utils/user.ts
@@ -1,8 +1,11 @@
 "use client";
 
 import { signOut } from "@/utils/auth-client";
+import { clearLastEmailAccountAction } from "@/utils/actions/email-account-cookie";
 
 export async function logOut(callbackUrl?: string) {
+  clearLastEmailAccountAction();
-  clearLastEmailAccountAction();
+export async function logOut(callbackUrl?: string) {
+  await clearLastEmailAccountAction();
+
+  await signOut({
-  clearLastEmailAccountAction();
+export async function logOut(callbackUrl?: string) {
+  await clearLastEmailAccountAction();
+
+  await signOut({
+
   await signOut({
     fetchOptions: {
       onSuccess: () => {

diff --git a/version.txt b/version.txt
@@ -1 +1 @@
-v2.17.20
+v2.17.21