Local AI Backend API Always Returns Empty Data: Cookie Domain Isolation
The main backend runs on a remote HTTPS server, so the auth_token cookie is scoped to that domain. The browser never sends it to the local AI backend, causing the API to treat every request as unauthenticated.