Fix OAuth token handling in frontend

- Properly handle null/undefined tokens in fetchScenes API
- Don't send Authorization header when no token exists
- Prevents sending 'null' string as access token to backend
- Fixes 500 errors when users haven't authenticated yet

src/routes/Vote.svelte

@@ -45,12 +45,18 @@
         try {
             const url = "/api/fetchScenes";
             const token = localStorage.getItem("access_token");
+            const headers = {
+                "Cache-Control": "no-cache",
+            };
+            
+            // Only add Authorization header if we have a valid token
+            if (token) {
+                headers.Authorization = `Bearer ${token}`;
+            }
+            
             const response = await fetch(url, {
                 method: "GET",
-                headers: {
-                    "Cache-Control": "no-cache",
-                    Authorization: `Bearer ${token}`,
-                },
+                headers,
             });
             const result = await response.json();
             if (result.input) {

src/routes/api/fetchScenes/+server.ts

@@ -5,7 +5,11 @@ export const GET: RequestHandler = async ({ request }) => {
     const authHeader = request.headers.get("authorization");
     let accessToken = null;
     if (authHeader && authHeader.startsWith("Bearer ")) {
-        accessToken = authHeader.substring("Bearer ".length);
+        const token = authHeader.substring("Bearer ".length);
+        // Don't use token if it's null, undefined, or empty string
+        if (token && token !== "null" && token !== "undefined") {
+            accessToken = token;
+        }
     }
 
     const url = accessToken