94b3b87785
android / Build + lint + test (push) Successful in 4m24s
Drift #568/#569 scoped AuthCookieInterceptor to PLACEHOLDER_HOST so the shared OkHttp client wouldn't leak the session cookie to external image fetches (Coil → musicbrainz, coverartarchive, Lidarr). The fix was correct but assumed AuthCookieInterceptor would see the original placeholder.invalid URL — production NetworkModule had BaseUrlInterceptor running FIRST, so by the time auth's intercept() ran the host was already rewritten to the real Minstrel server and the placeholder check failed on every request. Symptom on v2026.06.02: fresh install login appears to succeed but no cookie is captured from Set-Cookie and no cookie is attached to subsequent requests, so the user stays at the Welcome screen. AuthCookieInterceptorTest already chains the interceptors in the correct order, which is why the regression went undetected — only production was wrong. Fix: swap to (auth, baseUrl, logging). Auth now sees placeholder.invalid, attaches/captures the cookie, then BaseUrl rewrites the host for transport.