Add debug logging and cookie domain configuration to auth flow

- Add comprehensive logging to login and callback endpoints for debugging
- Configure cookie domain from environment variable for cross-subdomain support
- Update cookie security settings based on NODE_ENV
- Add Keycloak configuration validation with detailed error logging

server/utils/session.ts

@@ -31,10 +31,14 @@ export class SessionManager {
     const data = JSON.stringify(sessionData);
     const encrypted = this.encrypt(data);
     
+    const cookieDomain = process.env.COOKIE_DOMAIN || undefined;
+    console.log('🍪 Creating session cookie with domain:', cookieDomain);
+    
     return serialize(this.cookieName, encrypted, {
       httpOnly: true,
-      secure: true,
+      secure: process.env.NODE_ENV === 'production',
       sameSite: 'lax',
+      domain: cookieDomain,
       maxAge: 60 * 60 * 24 * 7, // 7 days
       path: '/',
     });