Handle invalid return-to payloads without misclassifying login as failed

Co-Authored-By: Codex <codex@openai.com>

tests/stores/login.test.js

@@ -130,6 +130,22 @@ describe("loginStore", () => {
       window.location = originalLocation;
     });
 
+    it("falls back to /files when return-to is not valid base64", async () => {
+      axios.post.mockResolvedValue({
+        data: {
+          access_token: "token",
+          refresh_token: "refresh",
+        },
+      });
+      store.rememberedReturnToUrl = "@@@not-base64@@@";
+
+      await store.signIn();
+
+      expect(store.isLoggedIn).toBe(true);
+      expect(store.isInvalid).toBe(false);
+      expect(store.$router.push).toHaveBeenCalledWith("/files");
+    });
+
     it("sets isInvalid on error", async () => {
       axios.post.mockRejectedValue(new Error("401"));