Replace Axios with native fetch; add global 401 session-expiry redirect

All API calls now go through a thin request() wrapper around native fetch.
Removes the axios dependency entirely. The wrapper injects the JWT on every
request and — the key fix — clears localStorage and redirects to /login on
any 401 response, so expired sessions no longer leave users on broken pages.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

frontend/package.json

@@ -13,8 +13,7 @@
   "dependencies": {
     "@radix-ui/react-slot": "^1.0.2",
     "@tanstack/react-query": "^5.40.0",
-    "axios": "^1.7.2",
-    "class-variance-authority": "^0.7.0",
+"class-variance-authority": "^0.7.0",
     "clsx": "^2.1.0",
     "lucide-react": "^0.400.0",
     "react": "^18.3.1",