fix: resolve production deployment issues and switch to in-memory rate limiting

- Fix CORS configuration to use CORS_ORIGIN env variable
- Switch from Redis-based to in-memory rate limiting for stability
- Fix frontend authentication error handling for public API
- Disable problematic trackingRateLimit middleware
- Update environment configuration for production

This resolves hanging issues with tracking API and enables
frontend forms to work properly on production.

apps/web/src/contexts/AuthContext.tsx

@@ -4,7 +4,7 @@
  * Manages user authentication state and API interactions
  */
 
-import React, { createContext, useContext, useEffect, useState, ReactNode } from 'react';
+import { createContext, useContext, useEffect, useState, ReactNode } from 'react';
 import { useToast } from '@chakra-ui/react';
 import { authApi, AuthUser, LoginRequest, RegisterRequest } from '../services/api';
 
@@ -38,11 +38,13 @@ export function AuthProvider({ children }: AuthProviderProps) {
 
   const checkExistingSession = async () => {
     try {
+      // Check if auth endpoints are available first
       const userData = await authApi.getCurrentUser();
       setUser(userData);
-    } catch (error) {
-      // No existing session or session expired
-      console.log('No existing session');
+    } catch (error: any) {
+      // No existing session, session expired, or auth endpoints not available
+      console.log('Authentication not available or no existing session:', error.message);
+      setUser(null);
     } finally {
       setIsLoading(false);
     }