Ho Ngoc Hai
4a1094b080
fix(web-client-tpos): restore JWT from localStorage before admin API calls
Root cause: AdminBase had no auth initialization. AuthStateService is
in-memory Singleton — token is null after page refresh. Admin pages
called PosDataService without token → BFF forwarded requests without
Authorization header → microservices returned 401.
Fix:
- AdminBase.cs: inject AuthService, call TryRestoreSessionAsync()
- 9 admin pages: add await base.OnInitializedAsync() calls
- BffHttpClient.cs: add debug logging for auth forwarding