test(#411): QA-015 — add credentials fallback test + fix refreshSession test name

Add test for non-string error.message fallback in handleCredentialsLogin.
Rename misleading refreshSession test to match actual behavior.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

apps/web/src/lib/auth/auth-context.test.tsx

@@ -411,7 +411,7 @@ describe("AuthContext", (): void => {
       consoleErrorSpy.mockRestore();
     });
 
-    it("should clear authError after successful session refresh", async (): Promise<void> => {
+    it("should persist authError across re-renders when no new session check occurs", async (): Promise<void> => {
       const consoleErrorSpy = vi.spyOn(console, "error").mockImplementation(() => {
         // Intentionally empty
       });
@@ -429,26 +429,16 @@ describe("AuthContext", (): void => {
         expect(screen.getByTestId("auth-error")).toHaveTextContent("network");
       });
 
-      // Set up successful response for refresh
-      const mockUser: AuthUser = {
-        id: "user-1",
-        email: "test@example.com",
-        name: "Test User",
-      };
-      vi.mocked(apiGet).mockResolvedValueOnce({
-        user: mockUser,
-        session: { id: "session-1", token: "token123", expiresAt: futureExpiry() },
-      });
-
-      // Trigger a rerender (simulating refreshSession being called)
+      // Re-render does NOT trigger a new session check, so authError persists
       rerender(
         <AuthProvider>
           <TestComponent />
         </AuthProvider>
       );
 
-      // The initial render will have checked session once, error should still be there
-      // A real refresh would need to call refreshSession
+      // authError should still be "network" — re-render alone does not clear it
+      expect(screen.getByTestId("auth-error")).toHaveTextContent("network");
+
       consoleErrorSpy.mockRestore();
     });
   });