5d51ac6833
1. Session expires: widget gets 401 → clears stale cookie from App Group → stops retrying with bad auth → shows cached data until user opens app and re-authenticates 2. Account switch: login() now calls clearWidgetAuth() BEFORE syncCookieToWidget() — clears previous user's cached calories before writing new user's cookie. No brief display of wrong data. 3. Logout: already correct — clearWidgetAuth removes cookie + cached data, widget shows 0/2000 4. Minimum data: only session cookie + 2 cached numbers + timestamp in App Group. No passwords, no user IDs, no PII. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>