fix: include credentials in all requests to support cross-site api location

Séafra · alanpq · commit cf72c5cf7af3 · 2026-02-06T17:34:34.000Z
diff --git a/src/lib/CoralServer.svelte.ts b/src/lib/CoralServer.svelte.ts
@@ -35,7 +35,8 @@ export class CoralServer {
 		const token = building ? '' : page.url.searchParams.get('token');
 		return createClient<paths>({
 			baseUrl: `${(config.PUBLIC_API_PATH || base) ?? '/'}`,
-			headers: { Authorization: token ? `Bearer ${token}` : undefined }
+			headers: { Authorization: token ? `Bearer ${token}` : undefined },
+			credentials: 'include'
 		});
 	});
 
