From ca3005bc0e7903c0ff3c4bf0c8666727f57d05ff Mon Sep 17 00:00:00 2001
From: le king fu
Date: Fri, 10 Apr 2026 15:04:05 -0400
Subject: [PATCH] fix: use write_restricted for account.json (0600 perms)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

account.json contains PII and subscription_status — apply the same restricted file permissions as tokens.json.

Co-Authored-By: Claude Opus 4.6 (1M context)
---
 src-tauri/src/commands/auth_commands.rs | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src-tauri/src/commands/auth_commands.rs b/src-tauri/src/commands/auth_commands.rs
index de5988f..7afd864 100644
--- a/src-tauri/src/commands/auth_commands.rs
+++ b/src-tauri/src/commands/auth_commands.rs
@@ -207,8 +207,7 @@ pub async fn handle_auth_callback(app: tauri::AppHandle, code: String) -> Result
 // Store account info
 let account_json = serde_json::to_string_pretty(&account).map_err(|e| format!("Serialize error: {}", e))?;
- fs::write(dir.join(ACCOUNT_FILE), account_json)
- .map_err(|e| format!("Cannot write account info: {}", e))?;
+ write_restricted(&dir.join(ACCOUNT_FILE), &account_json)?;
 Ok(account)
 }
@@ -280,8 +279,7 @@ pub async fn refresh_auth_token(app: tauri::AppHandle) -> Result
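Review bot: An account.json already written by an earlier build may keep its old, wider permissions after this change, depending on how `write_restricted` (not visible in this patch) opens the file; the replaced call in `handle_auth_callback` is where that matters. If the helper relies on `OpenOptionsExt::mode(0o600)`, that mode is applied only when the file is created, so it should also call `fs::set_permissions(path, Permissions::from_mode(0o600))` on every write, or write a 0600 temporary file and rename it over the old one. The 0600 mode is a Unix concept, so it is worth confirming what the helper does on Windows builds of the app. A call-site comment such as `// 0600: account.json holds PII and subscription_status, same handling as tokens.json` would keep the reason next to the code. The body of `handle_auth_callback` starts outside the hunk, and the `refresh_auth_token` hunk is cut off in this view but presumably carries the same call.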