feat: migrate to DragonflyDB and clean up environment configuration

- Replace Redis with DragonflyDB for better performance and memory efficiency
- Remove redundant environment variables (POSTGRES_*, ENCRYPTION_KEY, OAUTH_SERVICE_URL)
- Consolidate database configuration to use single DB_* variables
- Use JWT_SECRET for both JWT tokens and encryption
- Remove PORT variable redundancy, use BACKEND_PORT consistently
- Clean up docker-compose configurations for dev/prod consistency
- Add DragonflyDB configuration with optimized memory usage
- Remove redis.conf as it's no longer needed
- Update health checks to use Redis-compatible CLI for DragonflyDB
- Add missing VITE_API_URL to production frontend
- Fix GitHub Actions to use correct go.sum path
- Clean up development directories and unused files

backend/middleware/cors.go

@@ -27,27 +27,19 @@ func CORSMiddleware() gin.HandlerFunc {
 		}
 
 		origin := c.Request.Header.Get("Origin")
-		allowed := false
 
+		// Always set CORS headers
 		if allowedOrigins == "*" {
-			allowed = true
+			c.Header("Access-Control-Allow-Origin", "*")
 		} else {
 			for _, allowedOrigin := range strings.Split(allowedOrigins, ",") {
 				if strings.TrimSpace(allowedOrigin) == origin {
-					allowed = true
+					c.Header("Access-Control-Allow-Origin", origin)
 					break
 				}
 			}
 		}
 
-		if allowed {
-			if allowedOrigins == "*" {
-				c.Header("Access-Control-Allow-Origin", "*")
-			} else {
-				c.Header("Access-Control-Allow-Origin", origin)
-			}
-		}
-
 		c.Header("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
 		c.Header("Access-Control-Allow-Headers", "Content-Type, Authorization, X-Requested-With")
 		c.Header("Access-Control-Allow-Credentials", "true")