Two gaps found during review of the recent retry-hardening commits:
1. api_patch_object.ts and api_delete_object.ts still defaulted to 60s
timeout while GET/POST were lowered to 20s. No callers set an explicit
timeout, so the default was the only value used. With retry_count=5 and
the new backoff policy, 60s per attempt = 5+ minutes worst-case wait.
Lowered to 20s to match GET/POST and keep worst-case under ~2 minutes.
2. api_delete_object.ts had no ae_auth_error import and no session-expired
banner on 401/403. A stale-session DELETE would silently return false
with no user feedback. Added browser + ae_auth_error imports and the
ae_auth_error.set() call matching the pattern in GET/POST/PATCH.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
ea765d8ad2