fix: démarrage immédiat + session conservée hors-ligne

- AuthViewModel: affiche l'app immédiatement si un token existe, sans
  attendre le refresh réseau — le refresh + sync se font en arrière-plan
- BonsaiAuthManager.refreshIfNeeded: ne déconnecte l'utilisateur que sur
  401/403 (token invalide), pas sur erreur réseau ou timeout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

app/build.gradle.kts

@@ -16,7 +16,7 @@ android {
         minSdk = 26
         targetSdk = 35
         versionCode = 1
-        versionName = "0.0.18"
+        versionName = "0.0.19"
         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
     }
 

app/src/main/java/com/planify/mobile/data/bonsai/BonsaiAuthManager.kt

@@ -97,12 +97,23 @@ class BonsaiAuthManager @Inject constructor(
 
         runCatching {
             httpClient.newCall(request).execute().use { response ->
-                if (!response.isSuccessful) return@withContext false
-                val raw = response.body?.string() ?: return@withContext false
+                when {
+                    response.isSuccessful -> {
+                        val raw = response.body?.string() ?: return@withContext true
                         saveTokens(JSONObject(raw))
                         true
                     }
-        }.getOrDefault(false)
+                    response.code == 401 || response.code == 403 -> {
+                        // Refresh token genuinely invalid — must re-login.
+                        false
+                    }
+                    else -> {
+                        // Server error or network issue — keep existing token, don't logout.
+                        true
+                    }
+                }
+            }
+        }.getOrDefault(true) // Network exception (offline, timeout) → keep existing token.
     }
 
     fun logout() {

app/src/main/java/com/planify/mobile/ui/auth/AuthViewModel.kt

@@ -38,12 +38,12 @@ class AuthViewModel @Inject constructor(
                 _status.value = AuthStatus.NotAuthenticated
                 return@launch
             }
-            if (authManager.refreshIfNeeded()) {
+            // Show the app immediately — don't block on a network call.
             _status.value = AuthStatus.Authenticated(authManager.getUsername())
+            // Refresh token + sync in background without blocking startup.
+            viewModelScope.launch {
+                authManager.refreshIfNeeded()
                 syncManager.sync()
-            } else {
-                authManager.logout()
-                _status.value = AuthStatus.NotAuthenticated
             }
         }
     }