- Collect per-request auth diagnostics (header presence, scheme, token
fingerprint, failure stage/reason, subject, expiry) in the auth
middleware and expose them through RequestLogContextFromGin so the
shared logger middleware can emit them.
- Add route, query, user-agent, and referer fields to the request log.
- Log knowledge resolve outcome per stage (no_search_points,
no_candidate_text, no_active_candidates, rerank_failed_fallback,
resolved) with candidate/selected snippet previews and precise facts.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>