fix(auth): ensure token storage before user state updates

- Store authentication tokens explicitly before setting user state in login
  and TOTP verification flows to prevent race conditions
- Add 'credentials: include' to WebAuthn endpoints for proper session
  cookie handling
- Add comprehensive debug logging throughout authentication flow to trace
  token lifecycle and API requests
- Update WebAuthn completeLogin to use fetch directly instead of request
  helper to properly handle session cookies
- Add allowedHosts configuration to Vite dev server

src/components/navigation/TopBar.tsx

@@ -24,25 +24,29 @@ export function TopBar() {
 
   useEffect(() => {
     async function fetchOrgs() {
+      console.log('[TopBar] fetchOrgs called, isAuthenticated:', isAuthenticated);
       if (!isAuthenticated) {
+        console.log('[TopBar] Not authenticated, skipping organizations fetch');
         setOrgsLoading(false);
         return;
       }
       
       try {
+        console.log('[TopBar] Making api.users.organizations() request');
         const response = await api.users.organizations();
+        console.log('[TopBar] Organizations fetched successfully:', response.organizations.length);
         setOrganizations(response.organizations);
         if (response.organizations.length > 0 && !currentOrg) {
           setCurrentOrg(response.organizations[0]);
         }
       } catch (error) {
-        console.error("Failed to fetch organizations:", error);
+        console.error("[TopBar] Failed to fetch organizations:", error);
       } finally {
         setOrgsLoading(false);
       }
     }
     fetchOrgs();
-  }, [isAuthenticated]);
+  }, [isAuthenticated, currentOrg]);
 
   const handleLogout = () => {
     navigate("/login");