fix(onboarding): preserve seenAccessKey flag across restart so onboarding resumes at access key

onAccountPurchased was removing seenAccessKeyKey, and login always set
LoggedInWithUser when flags.isRegistered was true, skipping the access key
screen on restart. Now onAccountPurchased preserves the flag value,
hasSeenAccessKey falls back to selectedAccountIdKey, login gates
LoggedInWithUser on seenAccessKey, and RealSessionController respects
incomplete onboarding state.

Author: bmc08gt

apps/flipcash/shared/authentication/src/main/kotlin/com/flipcash/app/auth/AuthManager.kt

@@ -172,12 +172,17 @@ class AuthManager @Inject constructor(
                             accountController.getUserFlags().getOrNull()
                         }
 
+                        val seenAccessKey = credentialManager.hasSeenAccessKey()
                         if (flags != null) {
                             userManager.set(flags)
-                            userManager.set(if (flags.isRegistered) AuthState.LoggedInWithUser else AuthState.Registered())
+                            if (flags.isRegistered && seenAccessKey) {
+                                userManager.set(AuthState.LoggedInWithUser)
+                            } else {
+                                userManager.set(AuthState.Registered(seenAccessKey))
+                            }
                         } else {
                             taggedTrace("Failed to get user flags after retries", type = TraceType.Error)
-                            userManager.set(authState = AuthState.Registered())
+                            userManager.set(authState = AuthState.Registered(seenAccessKey))
                         }
 
                         profileController.updateUserProfile()

apps/flipcash/shared/authentication/src/main/kotlin/com/flipcash/app/auth/internal/credentials/PassphraseCredentialManager.kt

@@ -108,14 +108,27 @@ class PassphraseCredentialManager @Inject constructor(
 
     suspend fun onUserAccessKeySeen(): Result<Unit> {
         storage.edit { prefs ->
-            prefs[temporaryUserIdKey]?.let { userId ->
+            val userId = prefs[temporaryUserIdKey] ?: prefs[selectedAccountIdKey]
+            if (userId != null) {
                 prefs[seenAccessKeyKey(userId)] = true
             }
         }
 
         return Result.success(Unit)
     }
 
+    suspend fun hasSeenAccessKey(): Boolean {
+        val tempUserId = storage.data.map { it[temporaryUserIdKey] }.firstOrNull()
+        if (tempUserId != null) {
+            return storage.data.map { it[seenAccessKeyKey(tempUserId)] }.firstOrNull() ?: false
+        }
+        // Temporary keys cleared by onAccountPurchased — check selected account.
+        // Default to true so existing production users (who never had this flag) aren't affected.
+        val selectedId = storage.data.map { it[selectedAccountIdKey] }.firstOrNull()
+            ?: return true
+        return storage.data.map { it[seenAccessKeyKey(selectedId)] }.firstOrNull() ?: true
+    }
+
     suspend fun presentSaveOption(): Result<AccountMetadata> {
         val tempUserId = storage.data.map { it[temporaryUserIdKey] }.firstOrNull()
         val entropy = storage.data.map { it[temporaryEntropyKey] }.firstOrNull()
@@ -150,11 +163,13 @@ class PassphraseCredentialManager @Inject constructor(
             return Result.failure(Throwable("No user id found"))
         }
 
-        // remove temporary states
+        // remove temporary states; persist seenAccessKey as false for the
+        // selected account so a restart before the access-key screen resumes there
+        val seenAccessKey = storage.data.map { it[seenAccessKeyKey(accountId.base58)] }.firstOrNull() ?: false
         storage.edit {
             it.remove(temporaryEntropyKey)
             it.remove(temporaryUserIdKey)
-            it.remove(seenAccessKeyKey(accountId.base58))
+            it[seenAccessKeyKey(accountId.base58)] = seenAccessKey
         }
 
         // Store metadata
@@ -202,7 +217,7 @@ class PassphraseCredentialManager @Inject constructor(
         val selectedMetadata = getSelectedMetadata()
         if (selectedMetadata != null && selectedMetadata.entropy == entropy) {
             storeMetadata(selectedMetadata, isSelected = true)
-            updateUserManager(selectedMetadata.id, AuthState.LoggedInWithUser)
+            userManager.set(selectedMetadata.id)
             return Result.success(selectedMetadata)
         }
 

apps/flipcash/shared/authentication/src/test/kotlin/com/flipcash/app/auth/AuthManagerTest.kt

@@ -68,6 +68,7 @@ class AuthManagerTest {
         coEvery { credentialManager.onAccountPurchased() } returns Result.success(mockk(relaxed = true))
         coEvery { pushController.addToken(any()) } returns Result.success(Unit)
         coEvery { pushController.deleteTokens() } returns Result.success(Unit)
+        coEvery { credentialManager.hasSeenAccessKey() } returns true
 
         authManager = AuthManager(
             credentialManager = credentialManager,

apps/flipcash/shared/session/src/main/kotlin/com/flipcash/app/session/internal/RealSessionController.kt

@@ -302,7 +302,9 @@ class RealSessionController @Inject constructor(
                 accountController.getUserFlags()
                     .onSuccess { flags ->
                         userManager.set(flags)
-                        if (flags.isRegistered && !userManager.authState.canAccessAuthenticatedApis) {
+                        val currentState = userManager.authState
+                        val onboardingIncomplete = currentState is AuthState.Registered && !currentState.seenAccessKey
+                        if (flags.isRegistered && !currentState.canAccessAuthenticatedApis && !onboardingIncomplete) {
                             userManager.set(authState = AuthState.LoggedInWithUser)
                         }
                     }