Drafts not cleared on logout #334

@kontaxis

Drafts are stored in the web browser's local storage. However, they are not cleared when the user logs out. As a result, someone other than the legitimate user of Flatnotes may access them.

When FLATNOTES_AUTH_TYPE is password, unauthorized access to notes is contrary to user expectations. To make matters worse, several drafts can be stored locally at any given time.

How to reproduce:

  1. Confirm that FLATNOTES_AUTH_TYPE is password, and that FLATNOTES_USERNAME and FLATNOTES_PASSWORD are defined.
  2. Log into Flatnotes and start a new note.
  3. Leave the title empty and type "This is a private note" in the note's body.
  4. Go to Menu > Log Out.
  5. Observe that the browser's local storage contains the note's body from step 3. (See screenshot)

Expected results:
After step 4 there are no drafts saved in local storage.

Actual results:
Drafts persist after logout, allowing anyone without knowledge of the password to view them.

Image
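
One way to get the expected result (no drafts left in local storage after logout), as an added example that is not part of the original issue or Flatnotes' own code. The `draft.` key prefix, the function names and the sample keys are assumptions, since the issue does not say how draft keys are named; the in-memory storage class only stands in for the browser's `localStorage` so the code runs outside a browser.

```javascript
// Added example: key prefix and names are assumptions, not Flatnotes' code.
const DRAFT_PREFIX = "draft."; // hypothetical; use the prefix the app really writes

// Minimal in-memory stand-in for the Web Storage API (runs outside a browser).
class MemoryStorage {
  constructor() { this.map = new Map(); }
  get length() { return this.map.size; }
  key(i) { return Array.from(this.map.keys())[i] ?? null; }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
}

// List every draft key. Keys are collected first because removing entries
// while walking storage.key(i) shifts the indices and would skip drafts.
function draftKeys(storage, prefix = DRAFT_PREFIX) {
  const keys = [];
  for (let i = 0; i < storage.length; i++) {
    const k = storage.key(i);
    if (k !== null && k.startsWith(prefix)) keys.push(k);
  }
  return keys;
}

// Call from the logout handler, e.g. clearDraftsOnLogout(window.localStorage).
function clearDraftsOnLogout(storage, prefix = DRAFT_PREFIX) {
  const keys = draftKeys(storage, prefix);
  keys.forEach((k) => storage.removeItem(k));
  return keys.length; // number of drafts removed
}

// Constructed sample data: several drafts plus one unrelated setting.
function demo() {
  const s = new MemoryStorage();
  s.setItem("draft.new", "This is a private note"); // untitled draft (step 3)
  s.setItem("theme", "dark");                        // must survive logout
  s.setItem("draft.Shopping list", "milk, eggs");
  s.setItem("draft.Ideas", "second private draft");
  const removed = clearDraftsOnLogout(s);
  return { removed, remaining: draftKeys(s).length, theme: s.getItem("theme") };
}
```
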


Labels: bug (Something isn't working)
