Add JWT debugging and fix Keycloak networking

- Added JWT authentication event logging to diagnose validation failures
- Fixed docker-compose networking for API to reach Keycloak via hostname
- Debug endpoint now accessible without auth for troubleshooting
- Still investigating why claims are not populated despite token being present

docker-compose.yml

@@ -70,12 +70,8 @@ services:
     ports:
       - "5001:8080"
     extra_hosts:
-      - "localhost:host-gateway"
-      - "127.0.0.1:host-gateway"
-    networks:
-      app-network:
-        aliases:
-          - keycloak.internal
+      - "localhost:172.18.0.1"
+      - "127.0.0.1:172.18.0.1"
     working_dir: /app
     volumes:
       - ./backend:/app:cached