From dbf0c325889c5a5a424f20263b323837208e4a08 Mon Sep 17 00:00:00 2001
From: Petru Paler <petru@paler.net>
Date: Mon, 12 Jan 2026 21:45:35 +0000
Subject: [PATCH] Fix garmin status showing stale connection state

Fetch fresh user data from database in status endpoint instead of
relying on auth store cookie, which may be stale after token save.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 src/app/api/garmin/status/route.test.ts | 24 ++++++++++++++++++++----
 src/app/api/garmin/status/route.ts      | 13 +++++++------
 2 files changed, 27 insertions(+), 10 deletions(-)

diff --git a/src/app/api/garmin/status/route.test.ts b/src/app/api/garmin/status/route.test.ts
index 59131ee..014a334 100644
--- a/src/app/api/garmin/status/route.test.ts
+++ b/src/app/api/garmin/status/route.test.ts
@@ -9,11 +9,26 @@ import type { User } from "@/types";
 // Module-level variable to control mock user in tests
 let currentMockUser: User | null = null;
 
+// Create a mock PocketBase client that returns the current mock user
+const createMockPb = () => ({
+  collection: vi.fn(() => ({
+    getOne: vi.fn(() =>
+      Promise.resolve(
+        currentMockUser
+          ? {
+              ...currentMockUser,
+              garminTokenExpiresAt:
+                currentMockUser.garminTokenExpiresAt?.toISOString(),
+            }
+          : null,
+      ),
+    ),
+  })),
+});
+
 // Mock PocketBase
 vi.mock("@/lib/pocketbase", () => ({
-  createPocketBaseClient: vi.fn(() => ({
-    collection: vi.fn(),
-  })),
+  createPocketBaseClient: vi.fn(() => createMockPb()),
 }));
 
 // Mock the auth-middleware module
@@ -23,7 +38,8 @@ vi.mock("@/lib/auth-middleware", () => ({
       if (!currentMockUser) {
         return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
       }
-      return handler(request, currentMockUser);
+      const mockPb = createMockPb();
+      return handler(request, currentMockUser, mockPb);
     };
   }),
 }));
diff --git a/src/app/api/garmin/status/route.ts b/src/app/api/garmin/status/route.ts
index 1806e37..cfa27ea 100644
--- a/src/app/api/garmin/status/route.ts
+++ b/src/app/api/garmin/status/route.ts
@@ -5,8 +5,10 @@ import { NextResponse } from "next/server";
 import { withAuth } from "@/lib/auth-middleware";
 import { daysUntilExpiry, isTokenExpired } from "@/lib/garmin";
 
-export const GET = withAuth(async (_request, user) => {
-  const connected = user.garminConnected;
+export const GET = withAuth(async (_request, user, pb) => {
+  // Fetch fresh user data from database (auth store cookie may be stale)
+  const freshUser = await pb.collection("users").getOne(user.id);
+  const connected = freshUser.garminConnected;
 
   if (!connected) {
     return NextResponse.json({
@@ -17,10 +19,9 @@ export const GET = withAuth(async (_request, user) => {
     });
   }
 
-  const expiresAt =
-    user.garminTokenExpiresAt instanceof Date
-      ? user.garminTokenExpiresAt.toISOString()
-      : String(user.garminTokenExpiresAt);
+  const expiresAt = freshUser.garminTokenExpiresAt
+    ? String(freshUser.garminTokenExpiresAt)
+    : "";
 
   const tokens = {
     oauth1: "",