fix: capture account/service/user IDs in access logs for auth requests

- Add accountID and serviceID to auth middleware DomainConfig
- Set account/service IDs in CapturedData when domain is matched
- Update AddDomain to accept accountID and serviceID parameters
- Skip access logging for internal proxy assets (/__netbird__/*)
- Return validationResult struct from validateSessionToken to preserve
  user ID even when access is denied
- Capture user ID and auth method in access logs for denied requests

proxy/internal/accesslog/middleware.go

@@ -3,15 +3,23 @@ package accesslog
 import (
 	"net"
 	"net/http"
+	"strings"
 	"time"
 
 	"github.com/rs/xid"
 
 	"github.com/netbirdio/netbird/proxy/internal/proxy"
+	"github.com/netbirdio/netbird/proxy/web"
 )
 
 func (l *Logger) Middleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// Skip logging for internal proxy assets (CSS, JS, etc.)
+		if strings.HasPrefix(r.URL.Path, web.PathPrefix+"/") {
+			next.ServeHTTP(w, r)
+			return
+		}
+
 		// Generate request ID early so it can be used by error pages and log correlation.
 		requestID := xid.New().String()