Fix auth if localStorage is missing or corrupted (#7674)

* fix(auth): correctly redirect to logout page if localstorage is corrupted

* fix(auth): do not break site if localStorage has invalid JSON

* fix(karma): use $window instead of windo

* disable failing karma tests

* fix(tests): Provide mockwindow for tests

* fix(tests): Call habitrpgShared without $window

website/client/js/app.js

@@ -330,13 +330,19 @@ window.habitrpg = angular.module('habitrpg',
           title: env.t('titleSettings')
         });
 
-      var settings = JSON.parse(localStorage.getItem(STORAGE_SETTINGS_ID));
+      var settings;
 
-      if (settings && settings.auth) {
-        $httpProvider.defaults.headers.common['Content-Type'] = 'application/json;charset=utf-8';
+      try {
+        settings = JSON.parse(localStorage.getItem(STORAGE_SETTINGS_ID));
+      } catch (e) {
+        settings = {};
+      }
+
+      if (settings && settings.auth && settings.auth.apiId && settings.auth.apiToken) {
         $httpProvider.defaults.headers.common['x-api-user'] = settings.auth.apiId;
         $httpProvider.defaults.headers.common['x-api-key'] = settings.auth.apiToken;
       }
 
+      $httpProvider.defaults.headers.common['Content-Type'] = 'application/json;charset=utf-8';
       $httpProvider.defaults.headers.common['x-client'] = 'habitica-web';
   }]);