If localStorage has authToken but no userId, client thinks user is logged in

Leading to `500` errors from auth server because we're making requests without a user `id`.

Need to fix `loadLocalSession` and probably `isLoggedIn` methods.
