feat: Enhance authentication by refining user role validation during session handling and ensuring immediate ID token refresh after sign-in to prevent unauthenticated Data Connect SDK requests.

apps/mobile/packages/features/client/authentication/lib/src/data/repositories_impl/auth_repository_impl.dart

@@ -90,6 +90,12 @@ class AuthRepositoryImpl implements AuthRepositoryInterface {
         );
       }
 
+      // Force-refresh the ID token so the Data Connect SDK has a valid bearer
+      // token before we fire any mutations. Without this, there is a race
+      // condition where the gRPC layer sends the request unauthenticated
+      // immediately after account creation (gRPC code 16 UNAUTHENTICATED).
+      await firebaseUser.getIdToken(true);
+
       // New user created successfully, proceed to create PostgreSQL entities
       return await _createBusinessAndUser(
         firebaseUser: firebaseUser,
@@ -165,6 +171,10 @@ class AuthRepositoryImpl implements AuthRepositoryInterface {
         );
       }
 
+      // Force-refresh the ID token so the Data Connect SDK receives a valid
+      // bearer token before any subsequent Data Connect queries run.
+      await firebaseUser.getIdToken(true);
+
       // Sign-in succeeded! Check if user already has a BUSINESS account in PostgreSQL
       final bool hasBusinessAccount = await _checkBusinessUserExists(
         firebaseUser.uid,