Enhance error handling, logging, and configuration

[moutonjeremy]

This pull request introduces several improvements across configuration, error handling, and security, along with enhanced documentation and operational robustness. The most significant changes are summarized below.

Documentation and Configuration Improvements:

• The README.md now includes comprehensive setup instructions, environment/configuration options, Docker usage, and WebSocket collaboration details, making it much easier for new users to get started and configure the application. (README.md)
• The example config file (config-example.yaml) has been expanded with detailed comments and examples for CORS, database (including PostgreSQL), and session settings. (config-example.yaml)

Security and Access Control:

• WebSocket collaboration handlers now enforce per-room resource access checks, ensuring only authorized users can join rooms based on their permissions. This includes a new canAccessRoom method and improved JWT validation. (infrastructure/collaboration/handler.go) [1] [2] [3] [4]
• Session token validation logs now avoid printing sensitive token values and instead log session IDs, reducing risk of leaking secrets. (application/session/validate.go)

Operational Robustness and Error Handling:

• All goroutines that execute actions or deliver webhooks are now wrapped with panic recovery to prevent a single panicking action/webhook from crashing the process. (application/action/execute_actions.go, application/webhook/trigger_webhooks.go) [1] [2]
• Database connection pooling is now explicitly configured for better performance and stability, including max connections and connection lifetimes. (infrastructure/database/gorm.go)
• Improved error handling when marshaling/unmarshaling action steps and reading webhook HTTP response bodies, including limiting the size of logged response bodies. (application/action/execute_actions.go, application/webhook/trigger_webhooks.go) [1] [2]
• The MapStructByFieldNames helper now returns errors instead of panicking, making it safer to use. (infrastructure/helpers/mapper/map_struct_by_field_names.go) [1] [2]

Configuration Options:

• Added support for configuring allowed CORS origins via environment variable, CLI flag, or config file, with clear documentation and defaults. (infrastructure/config/config.go, infrastructure/config/http_flags.go) [1] [2]

Data Handling Improvements:

• The JSONB and JSONBArray types now validate input types in their Scan methods, providing clearer error messages if the database returns unexpected types. (domain/common.go) [1] [2]

These changes collectively improve the application's usability, reliability, and security.Improve error handling and logging throughout the application. Introduce CORS configuration options and enhance stability by validating session secret keys and property names. Update HTTP server settings for better performance and security.