harden: widget edge cases — expired session, account switch, cache

1. Session expires: widget gets 401 → clears stale cookie from
   App Group → stops retrying with bad auth → shows cached data
   until user opens app and re-authenticates

2. Account switch: login() now calls clearWidgetAuth() BEFORE
   syncCookieToWidget() — clears previous user's cached calories
   before writing new user's cookie. No brief display of wrong data.

3. Logout: already correct — clearWidgetAuth removes cookie +
   cached data, widget shows 0/2000

4. Minimum data: only session cookie + 2 cached numbers + timestamp
   in App Group. No passwords, no user IDs, no PII.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

ios/Platform/Platform/Core/AuthManager.swift

@@ -77,6 +77,7 @@ final class AuthManager {
                 currentUser = response.user
                 isLoggedIn = true
                 UserDefaults.standard.set(true, forKey: loggedInKey)
+                clearWidgetAuth()  // Clear previous user's cached data
                 syncCookieToWidget()
                 WidgetCenter.shared.reloadAllTimelines()
             }