feat: add session expiration tracking and validation

feat: implement Redis caching for terminated sessions
feat: add new session GUID queries for validation
refactor: extend Session model with last_refresh_exp_time
refactor: update token generation to include role and session
refactor: modify auth middleware to validate session status
refactor: replace GetUserSessions with GetValidUserSessions
chore: add uuid/v5 dependency
fix: update router to pass dependencies to auth middleware
chore: update SQL schema and queries for new expiration field

backend/internal/utils/jwt.go

@@ -25,22 +25,24 @@ import (
 	"github.com/golang-jwt/jwt/v5"
 )
 
-func GenerateTokens(username string, sessionGuid string) (accessToken, refreshToken string, err error) {
+func GenerateTokens(username string, sessionGuid string, role enums.Role) (accessToken, refreshToken string, err error) {
 	cfg := config.GetConfig()
 
 	accessClaims := jwt.MapClaims{
 		"username": username,
-		"guid": sessionGuid,
+		"role": role,
+		"session": sessionGuid,
 		"type": enums.JwtAccessTokenType,
-		"exp":     time.Now().Add(time.Minute * time.Duration(cfg.JwtExpAccess)).Unix(),
+		"exp": time.Now().Add(time.Minute * time.Duration(cfg.JwtExpAccess)).Unix(),
 	}
 	accessToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, accessClaims).SignedString([]byte(cfg.JwtSecret))
 
 	refreshClaims := jwt.MapClaims{
 		"username": username,
-		"guid": sessionGuid,
+		"role": role,
+		"session": sessionGuid,
 		"type": enums.JwtRefreshTokenType,
-		"exp":     time.Now().Add(time.Hour * time.Duration(cfg.JwtExpRefresh)).Unix(),
+		"exp": time.Now().Add(time.Hour * time.Duration(cfg.JwtExpRefresh)).Unix(),
 	}
 	refreshToken, err = jwt.NewWithClaims(jwt.SigningMethodHS256, refreshClaims).SignedString([]byte(cfg.JwtSecret))