From 559c7bfdef62c1f06b6f05195384092a7d73b7bd Mon Sep 17 00:00:00 2001
From: Nils Pukropp <nils@narl.io>
Date: Sat, 21 Feb 2026 04:52:21 +0100
Subject: [PATCH] fix: implement smart local session priority to prevent
 working local credentials from being overwritten by server data

---
 frontend/electron/main.ts | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

diff --git a/frontend/electron/main.ts b/frontend/electron/main.ts
index 09c1cb8..1622459 100644
--- a/frontend/electron/main.ts
+++ b/frontend/electron/main.ts
@@ -286,15 +286,31 @@ const syncAccounts = async (isManual = false) => {
         } else {
           const sDate = s.sessionUpdatedAt ? new Date(s.sessionUpdatedAt) : new Date(0);
           const lDate = exists.sessionUpdatedAt ? new Date(exists.sessionUpdatedAt) : new Date(0);
-          if (sDate > lDate) {
+          // 1. SENSITIVE DATA SYNC (Credentials)
+          const sSessionDate = s.sessionUpdatedAt ? new Date(s.sessionUpdatedAt) : new Date(0);
+          const lSessionDate = exists.sessionUpdatedAt ? new Date(exists.sessionUpdatedAt) : new Date(0);
+          
+          const isLocalAccount = !exists._id.startsWith('shared_');
+          const isLocalSessionHealthy = exists.steamLoginSecure && !exists.authError;
+
+          // SMART OVERWRITE LOGIC:
+          // - If it's a remote shared account: Newest wins.
+          // - If it's a LOCAL account: Only overwrite if our local session is broken/missing.
+          const shouldOverwriteCredentials = !isLocalAccount ? (sSessionDate > lSessionDate) : (!isLocalSessionHealthy && sSessionDate > lSessionDate);
+
+          if (shouldOverwriteCredentials) {
             if (s.loginName) exists.loginName = s.loginName;
             if (s.loginConfig) exists.loginConfig = s.loginConfig;
-            if (s.steamLoginSecure) { exists.steamLoginSecure = s.steamLoginSecure; exists.autoCheckCooldown = true; exists.authError = false; }
+            if (s.steamLoginSecure) {
+              exists.steamLoginSecure = s.steamLoginSecure;
+              exists.autoCheckCooldown = true;
+              exists.authError = false;
+            }
             exists.sessionUpdatedAt = s.sessionUpdatedAt;
             hasChanges = true;
           }
           
-          // Metadata Sync (Pull)
+          // 2. Metadata Sync (Pull) - Always "Newest Wins"
           const sMetaDate = s.lastMetadataCheck ? new Date(s.lastMetadataCheck) : new Date(0);
           const lMetaDate = exists.lastBanCheck ? new Date(exists.lastBanCheck) : new Date(0);
           if (sMetaDate > lMetaDate) {