fix: use SameSite=None; Secure on HF Spaces to allow cross-site iframe cookies

fix: in-memory session fallback when Redis is unreachable

fix: add timeouts to Redis and Supabase DB calls in login endpoint

feat: add confluence/slack search tools, chat history, cloud Qdrant support, sync trigger fixes

feat: channel RBAC through ingest, graph stream, admin endpoints, email invite

feat: implement Google OAuth2 SSO integration with user management and callback handling

feat: RBAC foundation — workspaces, channels, role-based access

Fix team_id: use 'default' to match ingested data

feat: add Zustand stores for filters and UI state management