Refactor authentication handling and improve API client security

- Updated OAuth endpoints for Challonge and Discord in platforms configuration.
- Implemented session and CSRF cookie initialization in main application entry.
- Enhanced Challonge API client to avoid sending sensitive API keys from the browser.
- Modified tournament querying to handle new state definitions and improved error handling.
- Updated UI components to reflect server-side storage of authentication tokens.
- Improved user experience in API Key Manager and Authentication Hub with clearer messaging.
- Refactored client credentials management to support asynchronous operations.
- Adjusted API client tests to validate new request configurations.
- Updated Vite configuration to support session and CSRF handling through proxies.

code/websites/pokedex.online/tests/unit/composables/useChallongeClient.test.js

@@ -9,7 +9,8 @@ import { ScopeType } from '../../../src/services/challonge.service.js';
 // Mock dependencies before importing composable
 vi.mock('../../../src/composables/useChallongeApiKey.js', () => ({
   useChallongeApiKey: () => ({
-    getApiKey: () => 'test-api-key-1234567890'
+    isKeyStored: ref(true),
+    getApiKey: () => null
   })
 }));
 
@@ -91,10 +92,7 @@ describe('useChallongeClient', () => {
   it('masks API key correctly', () => {
     const { maskedApiKey } = useChallongeClient();
 
-    const masked = maskedApiKey.value;
-    expect(masked).toContain('•••');
-    expect(masked.startsWith('test')).toBe(true);
-    expect(masked.endsWith('7890')).toBe(true);
+    expect(maskedApiKey.value).toBe('stored on server');
   });
 
   it('returns auth type', () => {

code/websites/pokedex.online/tests/unit/utilities/api-client.test.js

@@ -59,9 +59,7 @@ describe('api-client', () => {
         '/test',
         expect.objectContaining({
           method: 'GET',
-          headers: expect.objectContaining({
-            'Content-Type': 'application/json'
-          })
+          credentials: 'include'
         })
       );
     });