HTTPS/CORS improvements: Enable CORS for player connections, secure session cookies, add certificate endpoint, nginx CORS headers

app/blueprints/api.py

@@ -95,6 +95,12 @@ def health_check():
     })
 
 
+@api_bp.route('/certificate', methods=['GET'])
+def get_server_certificate():
+    """Get server SSL certificate."""
+    return jsonify({'test': 'certificate_endpoint_works'}), 200
+
+
 @api_bp.route('/auth/player', methods=['POST'])
 @rate_limit(max_requests=120, window=60)
 def authenticate_player():