Add Express trust proxy setting and improve session cookie configuration
to work properly behind nginx reverse proxy.
Changes:
- Add app.set('trust proxy', 1) before session middleware
- Update session cookie with sameSite: 'lax' and httpOnly: true
- Add explicit cookie name: 'connect.sid'
This works together with nginx location blocks to route /api/projects
and /api/recycle-bin requests to the Obsidian Web Interface (port 3010)
instead of the generic Next.js backend (port 8080).
Fixes "Failed to load on projects" error on production domain.
See AUTHENTICATION_FIX_REPORT.md for full details.
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
