fix: auto-login imToken in-app browser without query

.unipi/docs/fix/2026-06-06-imtoken-production-address-fix.md

@@ -0,0 +1,34 @@
+---
+title: "imToken production cannot get wallet address — Quick Fix"
+type: quick-fix
+date: 2026-06-06
+---
+
+# imToken production cannot get wallet address — Quick Fix
+
+## Bug
+
+`main` serves `ark-library.com`, while `terry-wallet-login` serves the staging site. Staging can log in with imToken, but production can open imToken's in-app browser without getting the wallet address or completing login.
+
+## Root Cause
+
+The auto-login effect only ran when the URL contained an explicit `autoLogin` / `autologin` query parameter. imToken's in-app-browser deeplink can open the DApp page without preserving that query string. In that case the production page was inside imToken and could have an injected wallet provider, but `AutoInjectedLogin` returned early and never attempted to read the wallet address.
+
+The parser was also case-sensitive, so a lowercase `autologin=imtoken` test URL would not start the flow.
+
+## Fix
+
+Updated the auto-login entrypoint to treat an imToken in-app-browser user agent as an imToken direct-login session even when the query parameter is missing. Also made the wallet-kind parser case-insensitive.
+
+### Files Modified
+
+- `src/wallet/AutoInjectedLogin.tsx` — imports `isImTokenBrowser()`, falls back to `imToken` when inside imToken without an auto-login query, and accepts lowercase wallet kind values.
+
+## Verification
+
+- `npx prettier --write src/wallet/AutoInjectedLogin.tsx`
+- `npx tsc --noEmit`
+
+## Notes
+
+This is scoped to imToken UA fallback. TokenPocket and MetaMask still require an explicit auto-login query parameter.