{"auth_enabled":true,"mfa_auth_enabled":false,"auth_base_url":"https://aquarius-web-20260420.azurewebsites.net","auth_base_url_configured":"https://aquarius-web-20260420.azurewebsites.net","auth_base_url_auto_detected":false,"auth_session_secret_configured":true,"cookie_mode":"signed","users":{"users_file_path":"/app/config/users.json","users_file_exists":false,"users_from_env_json":true,"users_env_json_parse_ok":true,"user_count":4,"usernames":["admin","ops","areamanager","analyst"],"override_env_username_set":true,"override_env_password_set":true,"override_login_available":true},"session":{"cookie_present":false,"cookie_length":0,"cookie_mode":"signed","cookie_secure_flag":true,"running_on_azure":true,"website_hostname":"aquarius-web-20260420.azurewebsites.net","auth_base_url":"https://aquarius-web-20260420.azurewebsites.net","auth_base_url_configured":"https://aquarius-web-20260420.azurewebsites.net","x_forwarded_proto":"https","auth_session_secret_configured":true,"memory_sessions_count":0,"using_memory_session_id":false,"failure_reason":"no_cookie","user_sub":null},"hints":["POST /auth/override-login → 302 then GET /overview → 302 means cookie not sticking.","failure_reason=no_cookie → password accepted but browser did not keep/send the cookie; clear site cookies.","failure_reason=no_cookie on Azure with auth_base_url=localhost → set AUTH_BASE_URL to your public https URL.","failure_reason=signature_invalid → AUTH_SESSION_SECRET mismatch between deploys/instances; redeploy with stable secret.","user_count=0 → set USERS_JSON in Azure App Settings (or config/users.json for local dev only).","After login, cookie_present should be true on /auth/debug-login."]}