fix: fixes to session storage

backend/cmd/server/main.go

@@ -6,6 +6,7 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"strconv"
 	"strings"
 	"time"
 
@@ -19,6 +20,7 @@ import (
 	"github.com/noteapp/backend/internal/infrastructure/security"
 	"github.com/noteapp/backend/internal/interfaces/handlers"
 	"github.com/noteapp/backend/internal/interfaces/middleware"
+	"github.com/redis/go-redis/v9"
 	"go.mongodb.org/mongo-driver/v2/bson"
 )
 
@@ -47,6 +49,30 @@ func main() {
 		port = "8080"
 	}
 
+	redisAddr := os.Getenv("REDIS_ADDR")
+	if redisAddr == "" {
+		redisAddr = "localhost:6379"
+	}
+
+	redisPassword := os.Getenv("REDIS_PASSWORD")
+	redisDB := 0
+	if redisDBText := os.Getenv("REDIS_DB"); redisDBText != "" {
+		parsedDB, err := strconv.Atoi(redisDBText)
+		if err != nil {
+			log.Fatalf("invalid REDIS_DB value: %v", err)
+		}
+		redisDB = parsedDB
+	}
+
+	sessionTTL := 7 * 24 * time.Hour
+	if sessionTTLText := os.Getenv("SESSION_TTL_HOURS"); sessionTTLText != "" {
+		hours, err := strconv.Atoi(sessionTTLText)
+		if err != nil || hours <= 0 {
+			log.Fatalf("invalid SESSION_TTL_HOURS value: %q", sessionTTLText)
+		}
+		sessionTTL = time.Duration(hours) * time.Hour
+	}
+
 	// Connect to database
 	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
 	defer cancel()
@@ -57,6 +83,19 @@ func main() {
 	}
 	defer db.Close(context.Background())
 
+	redisClient := redis.NewClient(&redis.Options{
+		Addr:     redisAddr,
+		Password: redisPassword,
+		DB:       redisDB,
+	})
+
+	if err := redisClient.Ping(context.Background()).Err(); err != nil {
+		log.Fatalf("failed to connect to redis: %v", err)
+	}
+	defer func() {
+		_ = redisClient.Close()
+	}()
+
 	// Initialize security components
 	passwordHasher := security.NewPasswordHasher()
 	encryptor, err := security.NewEncryptor(encryptionKey)
@@ -66,6 +105,7 @@ func main() {
 
 	// Initialize JWT manager
 	jwtManager := auth.NewJWTManager(jwtSecret, "noteapp", 1*time.Hour)
+	sessionManager := auth.NewSessionManager(redisClient, sessionTTL)
 
 	// Initialize services
 	permissionService := services.NewPermissionService(
@@ -143,7 +183,7 @@ func main() {
 	}
 
 	// Initialize handlers
-	authHandler := handlers.NewAuthHandler(authService)
+	authHandler := handlers.NewAuthHandler(authService, sessionManager)
 	spaceHandler := handlers.NewSpaceHandler(spaceService)
 	noteHandler := handlers.NewNoteHandler(noteService)
 	categoryHandler := handlers.NewCategoryHandler(categoryService)
@@ -160,7 +200,7 @@ func main() {
 	})
 
 	// Middleware
-	authMiddleware := middleware.NewAuthMiddleware(jwtManager)
+	authMiddleware := middleware.NewAuthMiddleware(jwtManager, sessionManager)
 	router.Use(middleware.LoggingMiddleware)
 	router.Use(middleware.CORSMiddleware)
 	router.Use(middleware.SecurityHeaders)
@@ -187,6 +227,7 @@ func main() {
 	// Protected endpoints
 	api := router.PathPrefix("/api/v1").Subrouter()
 	api.Use(authMiddleware.Middleware)
+	api.HandleFunc("/auth/me", authHandler.Me).Methods("GET")
 
 	// Space endpoints
 	api.HandleFunc("/spaces", spaceHandler.GetUserSpaces).Methods("GET")