centralize authentication session resolution

[ash1shkumar]

📝 Description

This PR improves authentication architecture by introducing reusable session resolution and validation helpers within the authentication middleware.

Previously, session resolution and user validation were performed directly within the middleware execution flow. As authentication capabilities expand and additional authorization workflows are introduced, maintaining consistency across authentication operations can become increasingly difficult.

Changes Implemented

• Introduced centralized session resolution helper
• Added reusable authentication validation helper
• Consolidated session lookup workflow
• Improved separation between token extraction, session resolution, and validation
• Reduced authentication workflow duplication
• Enhanced maintainability of authentication middleware

Benefits

• Improved authentication consistency
• Cleaner session resolution architecture
• Reduced duplication of authentication logic
• Better maintainability
• Improved extensibility for future authentication features
• Easier debugging and validation management

🎯 Type of Change

• Refactoring
• Code Quality Improvement
• Maintainability Enhancement

✅ Testing

• Verified valid authentication tokens continue to authorize requests
• Verified invalid tokens continue to return unauthorized responses
• Verified missing authorization headers remain properly handled
• Verified session resolution behavior remains unchanged
• Verified authenticated user injection into request object remains functional
• Verified middleware error handling remains intact
• Verified protected route behavior remains unchanged

Fixes #211

Expected Labels

level3 NSoC'26

[vercel]

@ash1shkumar is attempting to deploy a commit to the shreemp194-gmailcom's projects Team on Vercel.

A member of the Team first needs to authorize it.

[github-actions]

👋 Thank you for opening this pull request! I will review your changes and assist you soon.