fix(auth): handle transient getCurrentUser failure gracefully in --token login

If getCurrentUser() throws after the token is validated and stored, the
login command now succeeds instead of crashing. The token is already valid
(getUserRegions() passed), so a network hiccup on /auth/ should not cause
an inconsistent state where the token is saved but the command reports
failure. User info display is skipped when unavailable.

Author: BYK

src/commands/auth/login.ts

@@ -67,17 +67,25 @@ export const loginCommand = buildCommand({
         );
       }
 
-      // Fetch and store user info via /auth/ (works with all token types)
-      const user = await getCurrentUser();
-      setUserInfo({
-        userId: user.id,
-        email: user.email,
-        username: user.username,
-        name: user.name,
-      });
+      // Fetch and cache user info via /auth/ (works with all token types).
+      // A transient failure here must not block login — the token is already valid.
+      let user: Awaited<ReturnType<typeof getCurrentUser>> | undefined;
+      try {
+        user = await getCurrentUser();
+        setUserInfo({
+          userId: user.id,
+          email: user.email,
+          username: user.username,
+          name: user.name,
+        });
+      } catch {
+        // Non-fatal: user info is supplementary. Token remains stored and valid.
+      }
 
       stdout.write(`${success("✓")} Authenticated with API token\n`);
-      stdout.write(`  Logged in as: ${muted(formatUserIdentity(user))}\n`);
+      if (user) {
+        stdout.write(`  Logged in as: ${muted(formatUserIdentity(user))}\n`);
+      }
       stdout.write(`  Config saved to: ${getDbPath()}\n`);
       return;
     }

test/commands/auth/login.test.ts

@@ -142,7 +142,7 @@ describe("loginCommand.func --token path", () => {
     expect(getCurrentUserSpy).not.toHaveBeenCalled();
   });
 
-  test("--token: always shows 'Logged in as' with user identity", async () => {
+  test("--token: shows 'Logged in as' when user info fetch succeeds", async () => {
     isAuthenticatedSpy.mockResolvedValue(false);
     setAuthTokenSpy.mockResolvedValue(undefined);
     getUserRegionsSpy.mockResolvedValue([]);
@@ -156,6 +156,26 @@ describe("loginCommand.func --token path", () => {
     expect(getStdout()).toContain("only@email.com");
   });
 
+  test("--token: login succeeds even when getCurrentUser() fails transiently", async () => {
+    isAuthenticatedSpy.mockResolvedValue(false);
+    setAuthTokenSpy.mockResolvedValue(undefined);
+    getUserRegionsSpy.mockResolvedValue([]);
+    getCurrentUserSpy.mockRejectedValue(new Error("Network error"));
+
+    const { context, getStdout } = createContext();
+
+    // Must not throw — login should succeed with the stored token
+    await func.call(context, { token: "valid-token", timeout: 900 });
+
+    const out = getStdout();
+    expect(out).toContain("Authenticated");
+    // 'Logged in as' is omitted when user info is unavailable
+    expect(out).not.toContain("Logged in as");
+    // Token was stored and not cleared
+    expect(clearAuthSpy).not.toHaveBeenCalled();
+    expect(setUserInfoSpy).not.toHaveBeenCalled();
+  });
+
   test("no token: falls through to interactive login", async () => {
     isAuthenticatedSpy.mockResolvedValue(false);
     runInteractiveLoginSpy.mockResolvedValue(true);