docs: add nginx deploy instructions and fix Authorization header config

- Add proxy_set_header Authorization to /api/ location (required or token is stripped)
- Add Step 11 to README explaining how to install the nginx config

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

README.md

@@ -137,7 +137,20 @@ npm run db:generate
 npm run db:seed
 ```
 
-### Step 11 — Run the app
+### Step 11 — Configure nginx
+
+The repo includes `nginx.conf` in the project root. Install it as the active site config:
+
+```sh
+sudo cp nginx.conf /etc/nginx/sites-available/dental-app
+sudo ln -sf /etc/nginx/sites-available/dental-app /etc/nginx/sites-enabled/dental-app
+sudo nginx -t && sudo systemctl reload nginx
+```
+
+> **Important:** The `/api/` location block must include `proxy_set_header Authorization $http_authorization;`
+> Without it, nginx strips the Authorization header and the backend returns "Access denied. No token provided."
+
+### Step 12 — Run the app
 
 Open two terminals:
 

nginx.conf

@@ -2,13 +2,14 @@ server {
     listen 80;
     server_name _;
 
-    # API requests → backend
+    # API requests → backend (Authorization header must be explicit or it gets stripped)
     location /api/ {
         proxy_pass http://localhost:5000;
         proxy_http_version 1.1;
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header Authorization $http_authorization;
     }
 
     # Socket.IO → backend (WebSocket upgrade)