fix: resolve login loading loop caused by Vite HMR reconnects + rate limiting

- Add @SkipThrottle() to POST /auth/refresh so repeated silent-refresh calls
  from page reloads no longer exhaust the rate limit (HTTP 429)
- Configure Vite HMR explicitly with host/clientPort/protocol=wss so the
  WebSocket connects correctly through Traefik instead of reconnecting every ~1s

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

packages/core-service/src/core/auth/auth.controller.ts

@@ -7,6 +7,7 @@ import {
   HttpCode,
   HttpStatus,
 } from '@nestjs/common';
+import { SkipThrottle } from '@nestjs/throttler';
 import { ApiTags, ApiOperation, ApiBearerAuth } from '@nestjs/swagger';
 import { Request, Response } from 'express';
 import { Public } from '../../common/decorators/public.decorator';
@@ -59,6 +60,7 @@ export class AuthController {
    */
   @Post('refresh')
   @Public()
+  @SkipThrottle()
   @HttpCode(HttpStatus.OK)
   @ApiOperation({ summary: 'Access-Token erneuern (Silent Refresh)' })
   async refresh(

packages/frontend/vite.config.ts

@@ -13,6 +13,11 @@ export default defineConfig({
     port: 8080,
     host: true,
     allowedHosts: ['.xinion.lan'],
+    hmr: {
+      host: 'insight.xinion.lan',
+      clientPort: 443,
+      protocol: 'wss',
+    },
     proxy: {
       '/api/v1/crm': {
         target: 'http://localhost:3100',