fix: implement proactive session capture and harden Steam registry/VDF injection for cross-machine reliability

frontend/electron/main.ts

@@ -356,11 +356,21 @@ const handleLocalAccountsFound = async (localAccounts: LocalSteamAccount[]) => {
         const profile = await fetchProfileData(local.steamId);
         const bans = await scrapeBanStatus(profile.profileUrl);
         const localPath = await downloadAvatar(profile.steamId, profile.avatar);
+        
+        // Wait and retry snagging the config (Steam takes time to write it)
+        let loginConfig = undefined;
+        for (let i = 0; i < 3; i++) {
+          await new Promise(r => setTimeout(r, 2000));
+          loginConfig = steamClient.extractAccountConfig(local.accountName);
+          if (loginConfig) break;
+        }
+
         currentAccounts.push({
           _id: Date.now().toString() + Math.random().toString().slice(2, 5),
           steamId: local.steamId, personaName: profile.personaName || local.accountName,
           loginName: local.accountName, autoCheckCooldown: false, avatar: profile.avatar,
           localAvatar: localPath, profileUrl: profile.profileUrl,
+          loginConfig, sessionUpdatedAt: loginConfig ? new Date().toISOString() : undefined,
           status: (bans.vacBanned || bans.gameBans > 0) ? 'banned' : 'none',
           vacBanned: bans.vacBanned, gameBans: bans.gameBans, lastBanCheck: new Date().toISOString()
         });
@@ -561,7 +571,42 @@ ipcMain.handle('admin-delete-user', async (event, userId: string) => { initBacke
 ipcMain.handle('admin-get-accounts', async () => { initBackend(); return backend ? await backend.getAdminAccounts() : []; });
 ipcMain.handle('admin-remove-account', async (event, steamId: string) => { initBackend(); if (backend) await backend.forceRemoveAccount(steamId); return true; });
 
-ipcMain.handle('switch-account', async (event, loginName: string) => await handleSwitchAccount(loginName));
+ipcMain.handle('switch-account', async (event, loginName: string) => {
+  if (!loginName) return false;
+  try {
+    // PROACTIVE SYNC: Try to snag the freshest token before we kill Steam
+    const accounts = store.get('accounts') as Account[];
+    const account = accounts.find(a => a.loginName === loginName);
+    if (account && !account._id.startsWith('shared_')) {
+      const freshConfig = steamClient.extractAccountConfig(loginName);
+      if (freshConfig) {
+        account.loginConfig = freshConfig;
+        account.sessionUpdatedAt = new Date().toISOString();
+        if (backend) await backend.shareAccount(account);
+        store.set('accounts', accounts);
+      }
+    }
+
+    await killSteam();
+    
+    if (process.platform === 'win32') {
+      const regBase = 'reg add "HKCU\\Software\\Valve\\Steam"';
+      const commands = [
+        `${regBase} /v AutoLoginUser /t REG_SZ /d "${loginName}" /f`,
+        `${regBase} /v RememberPassword /t REG_DWORD /d 1 /f`,
+        `${regBase} /v AlreadyLoggedIn /t REG_DWORD /d 1 /f`,
+        `${regBase} /v WantsOfflineMode /t REG_DWORD /d 0 /f`
+      ];
+      await new Promise<void>((res, rej) => exec(commands.join(' && '), (e) => e ? rej(e) : res()));
+      if (account && account.loginConfig) steamClient.injectAccountConfig(loginName, account.loginConfig);
+    } else if (process.platform === 'linux') {
+      await steamClient.setAutoLoginUser(loginName, account?.loginConfig, account?.steamId);
+    }
+    startSteam();
+    return true;
+  } catch (e) { return false; }
+});
+
 ipcMain.handle('open-external', (event, url: string) => shell.openExternal(url));
 
 ipcMain.handle('open-steam-app-login', async () => {