Remove token refresh logic - no refresh endpoint available

b0esche_cloud/lib/repositories/http_auth_repository.dart

@@ -28,27 +28,19 @@ class HttpAuthRepository implements AuthRepository {
 
   @override
   Future<User?> getCurrentUser() async {
-    try {
-      // Attempt to refresh token / get session user info
-      final res = await _apiClient.post('/auth/refresh', fromJson: (d) => d);
-      if (res != null && res['user'] != null) {
-        final user = res['user'];
-        return User(
-          id: user['id'].toString(),
-          username: user['username'] ?? user['email'],
-          email: user['email'],
-          createdAt: DateTime.parse(
-            user['createdAt'] ?? DateTime.now().toIso8601String(),
-          ),
-        );
-      }
-    } catch (_) {}
+    // No refresh endpoint available - rely on SessionBloc for token management
+    // If token is stored and valid, SessionBloc will restore it
+    // If API calls return 401, session will expire automatically
     return null;
   }
 
   @override
   Future<void> logout() async {
-    // Clear session via client-side session bloc; no server endpoint required here
-    return;
+    try {
+      // Call backend to revoke session
+      await _apiClient.post('/auth/logout', fromJson: (d) => null);
+    } catch (_) {
+      // Ignore logout errors - clear local session regardless
+    }
   }
 }

b0esche_cloud/lib/services/api_client.dart

@@ -47,20 +47,6 @@ class ApiClient {
     return null;
   }
 
-  Future<bool> _tryRefreshToken() async {
-    try {
-      final response = await _dio.post('/auth/refresh');
-      if (response.statusCode == 200) {
-        final newToken = response.data['token'];
-        _sessionBloc.add(SessionRefreshed(newToken));
-        return true;
-      }
-    } catch (e) {
-      // Refresh failed
-    }
-    return false;
-  }
-
   Future<T> get<T>(
     String path, {
     Map<String, dynamic>? queryParameters,