- Store authentication tokens explicitly before setting user state in login
and TOTP verification flows to prevent race conditions
- Add 'credentials: include' to WebAuthn endpoints for proper session
cookie handling
- Add comprehensive debug logging throughout authentication flow to trace
token lifecycle and API requests
- Update WebAuthn completeLogin to use fetch directly instead of request
helper to properly handle session cookies
- Add allowedHosts configuration to Vite dev server
coryHawkvelt
gpt-engineer-app[bot]