fix: atproto oauth dev redirect, tab isolation, and concurrent load guard

- Use buildLoopbackClientId(window.location) for dev to include port in redirect URI
- Bind Vite dev server to 127.0.0.1 explicitly
- Remove scope override in signInRedirect (use metadata default)
- Clear OAuth callback params from URL after session restore
- Replace follows badge with DaisyUI tabs (All / Following)
- Use separate PublicNoteList instances per tab to isolate v-infinite-scroll state
- Add isLoading guard in onLoadMore to prevent concurrent fetches

src/hooks/useATProtoLogin.hook.ts

@@ -19,6 +19,8 @@ const initializeAuth = async () => {
     did.value = session.did
     handle.value = resolvedHandle
     await saveSession(session.did, resolvedHandle)
+
+    window.history.replaceState(null, '', window.location.pathname)
   } else {
     const stored = await loadSession()
     did.value = stored?.did ?? ''

src/hooks/usePublicNoteList.hook.ts

@@ -15,6 +15,7 @@ export function usePublicNoteList(options?: UsePublicNoteListOptions) {
   const canLoadMore = computed(() => cursor.value !== undefined)
 
   const onLoadMore = async () => {
+    if (isLoading.value) return
     isLoading.value = true
 
     const path = options?.did?.value ? `/${options.did.value}/notes` : "/notes"