fix(web,api): fix WebSocket authentication for chat real-time connection (#547)

Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>

apps/web/src/hooks/useWebSocket.ts

@@ -97,9 +97,12 @@ export function useWebSocket(
     setConnectionError(null);
 
     // Create socket connection
+    // withCredentials sends session cookies cross-origin so the gateway can
+    // authenticate via cookie when no explicit token is provided.
     const newSocket = io(wsUrl, {
       auth: { token },
       query: { workspaceId },
+      withCredentials: true,
     });
 
     setSocket(newSocket);