fix(node-player): use IndexedDB for SW token instead of postMessage

postMessage is unreliable on first load — SW may not be active yet.
IndexedDB is shared between page and SW, so the token is always
available regardless of SW lifecycle timing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

furumi-node-player/client/src/furumiApi.ts

@@ -9,11 +9,14 @@ export const furumiApi = axios.create({
 })
 
 function sendTokenToSW(token: string) {
-  navigator.serviceWorker?.controller?.postMessage({ type: 'SET_TOKEN', token })
-  // Also send to waiting/installing SW
-  navigator.serviceWorker?.ready.then((reg) => {
-    reg.active?.postMessage({ type: 'SET_TOKEN', token })
-  })
+  try {
+    const req = indexedDB.open('furumi-sw', 1)
+    req.onupgradeneeded = () => req.result.createObjectStore('auth')
+    req.onsuccess = () => {
+      const tx = req.result.transaction('auth', 'readwrite')
+      tx.objectStore('auth').put(token, 'bearer')
+    }
+  } catch { /* ignore */ }
 }
 
 export function setAuthToken(token: string) {