Fix Central launch profile: auth middleware, cookie auth, antiforgery, static files

- Add UseAuthentication/UseAuthorization/UseAntiforgery/UseStaticFiles middleware
- Register ASP.NET Core cookie authentication scheme in AddSecurity()
- Update auth endpoints to use SignInAsync/SignOutAsync (proper cookie auth)
- Add [AllowAnonymous] to login page
- Create wwwroot for static file serving
- Regenerate clean EF migration after model changes

Verified with launch profile "ScadaLink Central":
- Host starts, connects to SQL Server, applies EF migrations
- Akka.NET cluster forms (remoting on 8081, node joins self as leader)
- /health/ready returns Healthy (DB + Akka checks)
- LDAP auth works (admin/password via GLAuth → 302 + auth cookie set)
- Login page renders (HTTP 200)
- Unauthenticated requests redirect to /login

src/ScadaLink.Security/ServiceCollectionExtensions.cs

@@ -1,3 +1,4 @@
+using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace ScadaLink.Security;
@@ -9,6 +10,18 @@ public static class ServiceCollectionExtensions
         services.AddScoped<LdapAuthService>();
         services.AddScoped<JwtTokenService>();
         services.AddScoped<RoleMapper>();
+
+        // Register ASP.NET Core authentication with cookie scheme
+        services.AddAuthentication(CookieAuthenticationDefaults.AuthenticationScheme)
+            .AddCookie(options =>
+            {
+                options.LoginPath = "/login";
+                options.LogoutPath = "/auth/logout";
+                options.Cookie.Name = "ScadaLink.Auth";
+                options.Cookie.HttpOnly = true;
+                options.Cookie.SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict;
+            });
+
         services.AddScadaLinkAuthorization();
 
         return services;