fix: resolve production deployment issues and switch to in-memory rate limiting

- Fix CORS configuration to use CORS_ORIGIN env variable
- Switch from Redis-based to in-memory rate limiting for stability
- Fix frontend authentication error handling for public API
- Disable problematic trackingRateLimit middleware
- Update environment configuration for production

This resolves hanging issues with tracking API and enables
frontend forms to work properly on production.

.env

@@ -1,23 +1,32 @@
+# Production Environment Variables for Redirect Intelligence v2
+# Copy this to .env and customize for your deployment
+
 # Database
-DATABASE_URL="postgresql://postgres:postgres@localhost:5432/redirect_intelligence"
+DB_PASSWORD=R9dbMfTkksXlboeFRD+wtw==
 
-# Redis
-REDIS_URL="redis://localhost:6379"
+# JWT Secret (generate a strong secret)
+JWT_SECRET=syiIpEqLvhXjbpyC2+VccCMfhz6rznIObRdZMfqf7Hg=
 
-# API
-PORT=3333
-NODE_ENV=development
-JWT_SECRET="your-super-secret-jwt-key-change-in-production"
+# CORS Origin (your domain)
+CORS_ORIGIN=https://urltrackertool.com
 
-# Frontend
-WEB_URL="http://localhost:3000"
-REACT_APP_API_URL="http://localhost:3333"
+# API URL for frontend
+VITE_API_URL=https://api.urltrackertool.com
 
-# Optional: Google Safe Browsing API
-GOOGLE_SAFE_BROWSING_API_KEY=""
+# Optional: Monitoring and Analytics
+# SENTRY_DSN=your_sentry_dsn_here
+# ANALYTICS_ID=your_analytics_id_here
 
-# Logging
-LOG_LEVEL=info
+# Optional: Email Configuration (for notifications)
+# SMTP_HOST=smtp.gmail.com
+# SMTP_PORT=587
+# SMTP_USER=your_email@gmail.com
+# SMTP_PASS=your_app_password
 
-# Worker
-WORKER_CONCURRENCY=5
+# Optional: Rate Limiting
+DEFAULT_RATE_LIMIT=100
+AUTHENTICATED_RATE_LIMIT=1000
+
+# Optional: File Upload Limits
+MAX_FILE_SIZE=10485760
+MAX_BULK_URLS=10000