Tenant owner sign in

Uses REST POST /api/v1/auth/login and httpOnly JWT cookie (same-site via Next rewrite).