Covers #2546: a logged-in user navigating to a public link share URL
used to bounce infinitely between /share/:hash/auth and the project
view, stranding the user on an empty NoAuthWrapper shell. Two distinct
issues in checkAuth() produced the same symptom:
1. The 1-minute debounce skipped re-parsing the new link share JWT
when the user was already authenticated.
2. The "same user, skip setUser" fast path compared only `id`, so a
logged-in user whose id collided with the link share's id kept
the USER `info.value.type` and `authLinkShare` never flipped.
The test pins both the logged-in user and the link share to the same
numeric id so it exercises the collision path, which catches both
regressions at once.
The anonymous link share tests don't use the authenticatedPage fixture
(which implicitly calls setupApiUrl via login()), so the browser was
falling back to the default `window.API_URL = '/api/v1'` baked into
index.html. That relative path resolved against the preview server port
and never reached the API, causing the tests to hang on the NoAuth
"Welcome Back" page waiting for elements that never rendered.
Adding a beforeEach that calls setupApiUrl() restores these tests.