[fix](trx-frontend-http): grant full access by default when auth is disabled

When HTTP authentication is disabled (the default), the /auth/session
endpoint now returns { authenticated: true, role: "control" } instead
of 404. This allows the frontend to proceed without showing a login
gate, providing the expected out-of-the-box experience.

With this change:
- Default behavior: no login required, full control access
- Auth enabled: login gate shown, roles enforced per config

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Signed-off-by: Stanislaw Grams <stanislawgrams@gmail.com>

src/trx-client/trx-frontend/trx-frontend-http/src/auth.rs

@@ -351,8 +351,12 @@ pub async fn session_status(
     req: HttpRequest,
     auth_state: web::Data<AuthState>,
 ) -> Result<impl Responder, Error> {
+    // If auth is disabled, grant full control access without requiring login
     if !auth_state.config.enabled {
-        return Ok(HttpResponse::NotFound().finish());
+        return Ok(HttpResponse::Ok().json(SessionStatus {
+            authenticated: true,
+            role: Some("control".to_string()),
+        }));
     }
 
     let session_id = extract_session_id(&req);