Ryan Moon 38341aa0a9 fix: switch from httpOnly cookies to localStorage Bearer token auth ...

Cookie-based auth was unreliable through Cloudflare/nginx proxy — cookie
was being sent for some requests but not others. Switch to returning JWT
in login response, storing in localStorage, and sending as Authorization
Bearer header on all API calls. Eliminates all cookie/SameSite/Secure
proxy issues.

2026-04-03 18:09:24 -05:00

31 KiB

Raw Blame History

View Raw