feat: integrate Bereketli via iframe with Supabase token bridge

B2B button now opens Bereketli (bereketli.pezkiwi.app) embedded in an
iframe. PWAP exchanges the user's Supabase JWT for a Bereketli JWT
via the existing /v1/auth/exchange endpoint, then passes tokens to
the iframe via postMessage. User never sees a login screen.

- New /bereketli route (ProtectedRoute)
- Token caching in localStorage (10 min TTL)
- Camera + geolocation permissions on iframe
- Desktop and mobile layouts supported
- Re-auth on token expiry via postMessage

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

web/src/App.tsx

@@ -34,6 +34,7 @@ const WalletDashboard = lazy(() => import('./pages/WalletDashboard'));
 const ReservesDashboardPage = lazy(() => import('./pages/ReservesDashboardPage'));
 const BeCitizen = lazy(() => import('./pages/BeCitizen'));
 const Identity = lazy(() => import('./pages/Identity'));
+const Bereketli = lazy(() => import('./pages/Bereketli'));
 const Citizens = lazy(() => import('./pages/Citizens'));
 const CitizensIssues = lazy(() => import('./pages/citizens/CitizensIssues'));
 const GovernmentEntrance = lazy(() => import('./pages/citizens/GovernmentEntrance'));
@@ -147,6 +148,11 @@ function App() {
                               <Route path="/local" element={<Local />} />
                               <Route path="/be-citizen" element={<BeCitizen />} />
                               <Route path="/identity" element={<Identity />} />
+                              <Route path="/bereketli" element={
+                                <ProtectedRoute>
+                                  <Bereketli />
+                                </ProtectedRoute>
+                              } />
                               <Route path="/citizens" element={<Citizens />} />
                               <Route path="/citizens/issues" element={<CitizensIssues />} />
                               <Route path="/citizens/government" element={<GovernmentEntrance />} />