Enhance logging for username/phone access control in Telegram authentication

- Updated the logging statement in `get_authenticated_username` to include the normalized phone number when access is denied, improving traceability.
- Introduced a new variable `failed_phone` to store the normalized phone number for better debugging and error reporting.
- Ensured that the logging format reflects the additional information for enhanced clarity during authentication failures.

duty_teller/api/dependencies.py

@@ -123,14 +123,18 @@ def get_authenticated_username(
         )
     if username and config.can_access_miniapp(username):
         return username
+    failed_phone: str | None = None
     if telegram_user_id is not None:
         user = get_user_by_telegram_id(session, telegram_user_id)
         if user and user.phone and config.can_access_miniapp_by_phone(user.phone):
             return username or (user.full_name or "") or f"id:{telegram_user_id}"
+        if user and user.phone:
+            failed_phone = config.normalize_phone(user.phone)
     log.warning(
-        "username/phone not in allowlist (username=%s, telegram_id=%s)",
+        "username/phone not in allowlist (username=%s, telegram_id=%s, phone=%s)",
         username,
         telegram_user_id,
+        failed_phone if failed_phone else "—",
     )
     raise HTTPException(status_code=403, detail=t(lang, "api.access_denied"))