fix: secure session handling and landing page redirect

[Vasist10]

Description

• Increase session cookie lifetime to 30 days.

• Fix secure cookie handling behind ingress using dynamic Secure flag and helper save function.

• Inject authenticated user credentials into request headers/body using AuthMiddleware so handlers always receive correct user info.

• Fixes: I have to log in all the time #417

Checklist

• Ran npx prettier --write . (for formatting)
• Ran gofmt -w . (for Go backend)
• Ran npm test (for JS/TS testing)
• Added unit tests, if applicable
• Verified all tests pass
• Updated documentation, if needed

Additional Notes

[github-actions]

Thank you for opening this PR!

Before a maintainer takes a look, it would be really helpful if you could walk through your changes using GitHub's review tools.

Please take a moment to:

• Check the "Files changed" tab
• Leave comments on any lines for functions, comments, etc. that are important, non-obvious, or may need attention
• Clarify decisions you made or areas you might be unsure about and/or any future updates being considered.
• Finally, submit all the comments!

More information on how to conduct a self review:
https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/reviewing-proposed-changes-in-a-pull-request

This helps make the review process smoother and gives us a clearer understanding of your thought process.

Once you've added your self-review, we'll continue from our side. Thank you!

[its-me-abhishek]

can we have some tests for this? since it is a critical function

[Vasist10]

@its-me-abhishek The CI failure was in date-time-picker.test.tsx ,the test hardcoded February 2026 as the expected calendar month, so it fails every month that isn't February

after fixing this , all the tests pass successfully.
should i commit the fix?