- Update configuration for production HTTPS domain (devden.hiddenden.cafe)
- Add nginx reverse proxy for /api and /auth routes to backend
- Create auth-callback.html to handle Microsoft Entra ID OAuth redirect
- Fix API_URL in script.js to use same origin (remove :8000 port)
- Add cache-busting query parameter (?v=2) to script.js
- Update .env.example with HTTPS requirements documentation
This resolves Azure Entra ID redirect URI mismatch and enables proper
OAuth authentication flow through the nginx frontend proxy.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
