fix: add trust proxy for express-rate-limit behind nginx

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

server/src/index.ts

@@ -38,6 +38,7 @@ const io = setupSocket(httpServer);
 app.set('io', io);
 
 // Middleware
+app.set('trust proxy', 1);
 app.use(helmet({ contentSecurityPolicy: false }));
 app.use(cors({ origin: env.CLIENT_URL, credentials: true }));
 app.use(cookieParser());