Changes:
- Dashboard.razor: Add [AllowAnonymous] to allow page load before auth check
- CustomAuthenticationStateProvider: Use absolute URIs for HttpClient calls
- Fix JSON parsing: Use ReadAsStringAsync instead of ReadAsAsync
- Implement cookie-first auth strategy with localStorage fallback
Status: /dashboard still not loading after login
Issues to investigate:
- window.location.href redirect not working in Playwright
- Set-Cookie headers not appearing in responses
- JavaScript interop not available during static rendering
Next: Direct browser testing vs Playwright environment issue
Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>