Fix 502 errors on container restart and expand API authentication

- Handle 502 Gateway Timeout errors by clearing invalid sessions
- Add graceful session validation failure handling in fetch-thread API
- Expand x-tag authentication to accept additional valid token
- Add debug logging to berth-related API endpoints
- Document the 502 error fix in email system documentation

server/api/email/fetch-thread.ts

@@ -45,7 +45,22 @@ export default defineEventHandler(async (event) => {
     }
 
     // Decrypt credentials
-    const { email: userEmail, password } = decryptCredentials(encryptedCredentials);
+    let userEmail: string;
+    let password: string;
+    
+    try {
+      const decrypted = decryptCredentials(encryptedCredentials);
+      userEmail = decrypted.email;
+      password = decrypted.password;
+    } catch (decryptError) {
+      console.error('Failed to decrypt credentials - session may be invalid after restart:', decryptError);
+      // Return empty results for invalid session
+      return { 
+        success: true, 
+        emails: [],
+        threads: []
+      };
+    }
 
     // First, get emails from MinIO cache if available
     const cachedEmails: EmailMessage[] = [];