Merge API remote base URL config into dev

Co-authored-by: Cursor <cursoragent@cursor.com>

src/api/client.ts

@@ -38,6 +38,13 @@ export function getApiBase(): string {
   return raw.replace(/\/+$/, '')
 }
 
+export function authenticatedApiUrl(path: string): string {
+  const url = getApiBase() + path
+  if (!accessToken) return url
+  const separator = url.includes('?') ? '&' : '?'
+  return `${url}${separator}access_token=${encodeURIComponent(accessToken)}`
+}
+
 /**
  * Indirection for the failed-refresh redirect. Default impl writes
  * `'/login'` to `window.location.href` — the production behavior. Tests
@@ -68,13 +75,13 @@ async function request<T>(url: string, options: RequestInit = {}): Promise<T> {
   if (options.body && typeof options.body === 'string') headers.set('Content-Type', 'application/json')
 
   const fullUrl = getApiBase() + url
-  let res = await fetch(fullUrl, { ...options, headers })
+  let res = await fetch(fullUrl, { ...options, headers, credentials: 'include' })
 
   if (res.status === 401 && accessToken) {
     const refreshed = await refreshToken()
     if (refreshed) {
       headers.set('Authorization', `Bearer ${accessToken}`)
-      res = await fetch(fullUrl, { ...options, headers })
+      res = await fetch(fullUrl, { ...options, headers, credentials: 'include' })
     } else {
       setToken(null)
       navigateToLoginImpl()