fix(tandoor): implement smart image upload with auth fix

- Fix authentication header from 'Bearer' to 'Token' (DRF TokenAuth)
- Implement three-strategy upload system:
  1. URL pass-through for direct URLs (most efficient)
  2. Base64 data URL conversion for screenshots
  3. Fallback blob upload for any other format
- Add comprehensive error handling with response details
- Add detailed logging for debugging upload strategies
- Document thumbnail formats in extractThumbnailStealth()

Fixes #30 - Tandoor image upload 400 Bad Request error

Based on Tandoor source code analysis (cookbook/views/api.py):
- RecipeImageSerializer accepts 'image_url' field for server-side download
- Uses Token authentication, not Bearer
- Supports multipart file upload with proper MIME types

src/lib/server/extraction.ts

@@ -632,11 +632,20 @@ async function fetchImageAsBase64(imageUrl: string): Promise<string | null> {
 
 /**
  * Extract thumbnail from Instagram post using stealth techniques
+ * 
  * Tries multiple methods in order of stealth:
- * 1. Meta tags (og:image, twitter:image)
- * 2. Video poster attribute
- * 3. Instagram window data structures
- * 4. Screenshot fallback
+ * 1. Meta tags (og:image, twitter:image) - Returns: Direct HTTPS URL
+ * 2. Video poster attribute - Returns: Direct HTTPS URL
+ * 3. Instagram window data structures - Returns: Direct HTTPS URL
+ * 4. Screenshot fallback - Returns: Base64 data URL (data:image/jpeg;base64,...)
+ * 
+ * @param page - Playwright page instance
+ * @param progressCallback - Optional progress callback for SSE updates
+ * @returns Image URL (either direct HTTPS URL or base64 data URL) or null if all methods fail
+ * 
+ * **Thumbnail Format Guide:**
+ * - Methods 1-3: Return direct HTTPS URLs → Tandoor can use URL pass-through (efficient)
+ * - Method 4: Returns base64 data URL → Requires conversion to file blob for upload
  */
 async function extractThumbnailStealth(
 	page: Page,