help4bis 41c16820e5 fix: calls — JWT field name 'jwt' not 'token', CORS dedup on server ...

- lk-jwt-service returns {jwt: '...', url: '...'} not {token: '...'}
  Now reads both 'jwt' and 'token' fields for compatibility
- Server nginx: added proxy_hide_header to strip upstream CORS headers
  preventing duplicate Access-Control-Allow-Origin (browser rejects)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

2026-04-03 06:32:55 +10:00

6.1 KiB

Raw Blame History

View Raw