diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..206ff25
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,21 @@
+FROM golang:1.25.3-alpine AS builder
+
+WORKDIR /app
+
+COPY ./app/go.mod ./app/go.sum ./
+
+RUN go mod download
+
+RUN go mod verify
+
+COPY ./app ./.
+
+RUN go build -o app .
+
+FROM alpine:latest AS runner
+
+WORKDIR /app
+
+COPY --from=builder /app/app /app/app
+
+CMD ["./app"]
\ No newline at end of file
diff --git a/app/main.go b/app/main.go
index fe63edd..c5d4f75 100644
--- a/app/main.go
+++ b/app/main.go
@@ -18,7 +18,7 @@ func main() { pseudonymizer := masterlog.NewPseudonymizerFromString("1234567890") masterlog.SetPseudonymizer(pseudonymizer) - masterlog.AddSensitiveFields("password", "token", "email") + masterlog.AddSensitiveFields("password", "token", "email", "token_value", "key_value") if config.Debug { masterlog.SetLevel(masterlog.LevelDebug)
@@ -26,8 +26,6 @@ func main() { masterlog.SetLevel(masterlog.LevelInfo) } - // resetAdminApiKey := utils.GetEnvBool("RESET_ADMIN_API_KEY", false) - masterlog.AddEncoder(&masterlog.JSONEncoder{}) allModels := []interface{}{
@@ -67,9 +65,12 @@ func main() { // Controllers app.Post("/login", controllers.LoginController) app.Post("/register", controllers.RegisterController) - app.Get("/api_keys", controllers.CreateApiKeyController) app.Post("/session/info", controllers.SessionInfoController) + if config.ENV == "development" { + app.Get("/api_keys", controllers.CreateApiKeyController) + } + masterlog.Info("Starting server", map[string]interface{}{"address": config.Address}) if err := app.Listen(config.Address); err != nil { masterlog.Error("failed to start server", map[string]interface{}{"error": err.Error()})
diff --git a/app/middlewares/auth.go b/app/middlewares/auth.go
index f1dd69e..43f7dfe 100644
--- a/app/middlewares/auth.go
+++ b/app/middlewares/auth.go
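Review bot: The runtime stage starts from `FROM alpine:latest AS runner` and never leaves root, so the image that serves authentication is rebuilt on whatever `latest` points to that day and runs with more privilege than the binary needs. The builder is pinned to `golang:1.25.3-alpine`; the runner should be pinned the same way, ideally by digest. Before `CMD`, drop privileges, for example `FROM alpine:<pinned-version> AS runner` (placeholder, use the release you test against), `RUN adduser -D -H app` and `USER app`.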
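Review bot: The longer `AddSensitiveFields` list in the first main.go hunk protects values only as well as the pseudonymizer key does, and that key is the literal `"1234567890"` passed to `NewPseudonymizerFromString` two lines above the change. Depending on how masterlog derives pseudonyms (not visible here), anyone with the source may be able to recompute them for candidate values, which matters more now that the auth middleware logs `token_value`. Read the key from configuration or a secret store, e.g. `masterlog.NewPseudonymizerFromString(<key loaded from config>)` (placeholder), and refuse to start when it is unset. `main` begins and ends outside this hunk.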
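Review bot: In the third main.go hunk, whether the key-issuing route `/api_keys` is served depends on a single exact match, `config.ENV == "development"`, and nothing records at startup which way the check went. How `config.ENV` is populated is not visible; if it defaults to "development" when unset, a deployment missing the variable would expose the endpoint. Log the decision next to the registration, e.g. `masterlog.Info("api key creation endpoint enabled", map[string]interface{}{"env": config.ENV})`, and confirm `/api_keys` is not listed in `UNPROTECTED_ENDPOINTS`. The route also issues a credential on `GET`; `app.Post` would match the neighbouring controllers and avoid replays by caches or prefetchers. `main` continues outside the hunk.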
@@ -8,26 +8,31 @@ import ( "git.secnex.io/secnex/auth-api/config" "git.secnex.io/secnex/auth-api/repositories" "git.secnex.io/secnex/auth-api/utils" + "git.secnex.io/secnex/masterlog" "github.com/gofiber/fiber/v2" ) func AuthMiddleware() fiber.Handler { return func(c *fiber.Ctx) error { if slices.Contains(config.CONFIG.UNPROTECTED_ENDPOINTS, c.Path()) { + masterlog.Debug("Unprotected endpoint", map[string]interface{}{"path": c.Path()}) return c.Next() } token := c.Get("Authorization") if token == "" { + masterlog.Debug("No token provided", map[string]interface{}{"path": c.Path(), "authorization": c.Get("Authorization")}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } tokenParts := strings.Split(token, " ") if len(tokenParts) != 2 { + masterlog.Debug("Invalid token parts", map[string]interface{}{"token_parts": tokenParts}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } tokenPartType, tokenPartValue := tokenParts[0], tokenParts[1] if tokenPartType != "Bearer" { + masterlog.Debug("Invalid token type", map[string]interface{}{"token_type": tokenPartType}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } 
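Review bot: The debug line in the `len(tokenParts) != 2` branch writes the split Authorization header to the log as `"token_parts": tokenParts`, so a request carrying a bare token or one with an extra space puts credential material in the log under a field name that is not in the `AddSensitiveFields` list set in main.go. The next hunk has the same problem with `"token_value": tokenValueString`, which may contain the key secret and relies entirely on pseudonymization. Log the shape rather than the content, e.g. `masterlog.Debug("Invalid token parts", map[string]interface{}{"path": c.Path(), "parts": len(tokenParts)})`. The `"authorization"` field in the `token == ""` branch is always the empty string and can be dropped. The handler closure continues past this hunk.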
@@ -39,26 +44,32 @@ func AuthMiddleware() fiber.Handler { tokenValueParts := strings.Split(tokenValueString, ":") if len(tokenValueParts) != 2 { + masterlog.Debug("Invalid API key format", map[string]interface{}{"token_value": tokenValueString}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } keyId, keyValue := tokenValueParts[0], tokenValueParts[1] apiKey, err := repositories.GetApiKey(keyId) if err != nil { + masterlog.Debug("Error getting API key", map[string]interface{}{"error": err.Error(), "key_id": keyId}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } if apiKey == nil { + masterlog.Debug("API key not found", map[string]interface{}{"key_id": keyId}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } valid, err := utils.Verify(keyValue, apiKey.Key) if err != nil { + masterlog.Debug("Error verifying API key", map[string]interface{}{"error": err.Error(), "key_id": keyId}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } if !valid { + masterlog.Debug("Invalid API key", map[string]interface{}{"key_id": keyId}) return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{"message": "Unauthorized"}) } c.Locals("key", keyId) + masterlog.Debug("API key verified successfully", map[string]interface{}{"key_id": keyId}) return c.Next() } } diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..e69de29
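Review bot: The rejection paths in this hunk (`apiKey == nil`, a lookup error, `!valid` after `utils.Verify`) are logged only at Debug, while main.go appears to set `LevelInfo` whenever `config.Debug` is false, so a production deployment would keep no record of failed API-key authentication. Repeated guesses against a key id would then be invisible to monitoring. Emit at least the `!valid` and not-found cases at a level that survives in production, e.g. `masterlog.Info("api key rejected", map[string]interface{}{"key_id": keyId, "path": c.Path()})`, and keep the per-step detail at Debug. `keyId` comes from the request, so log consumers should treat it as untrusted text.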