s9260

bc6f340c22bb0629ae2e3811654238e3c2318aea might fix this, since I now pass the bearer token with the first call of /user/me

Should be fixed by ab22d0f5987f357912eee911840c98bc046d5d28 and 8d901f0889bd8fd856fd1819137a2741f19d98a9. current fixes pushed to device-flow (internal). needs additional review.

1. can do 2. can't: we would need to roll our own encryption 3. will look into this.

mostly done with de075f665954485fa944efe3a4f45571d82e738f. will need to eventually figure out a workaround for >2048 following, blocked by claim_search max channelIDs.