Implement session check usage tracking for /check endpoint

[Copilot]

This PR implements a comprehensive session check usage tracking system that monitors calls to the /check endpoint for user activity analysis. The implementation provides in-memory logging with periodic flushing to persistent storage.

Key Features

• In-memory logging: Captures session check requests in a thread-safe in-memory data structure
• Comprehensive data capture: Logs timestamp, session token, user identity, userId, username, and email for correlation with external systems
• Periodic persistence: Automatically flushes logs to storage at configurable intervals (default: 60 seconds)
• Smart filtering: Only logs successful check requests - expired sessions and disabled users are automatically excluded
• Non-blocking operation: Persistence runs in background goroutines to prevent user experience disruption
• Configurable: Can be enabled/disabled via configuration with customizable flush intervals

Implementation Details

The solution adds a new UsageTracking configuration section:

{
  "UsageTracking": {
    "enabled": false,
    "flush_interval": 60
  }
}

Key components:

• CheckUsageTracker: Manages in-memory storage and periodic flushing
• CheckLogEntry: Structured log entry with all required fields
• Integration into httpHandlerCheck: Logs successful requests after validation
• Graceful shutdown: Ensures final flush before application termination

Security & Performance Considerations

• Session tokens are logged for correlation purposes and should be treated as sensitive data
• Thread-safe operations with proper mutex protection
• Error handling ensures logging failures don't impact user authentication
• Memory-efficient with regular flushing to prevent unbounded growth
• Follows existing code patterns and integrates seamlessly with ImqsCentral

Testing & Documentation

• Comprehensive unit tests covering enabled/disabled states and edge cases
• Updated example configuration file
• Complete documentation including security considerations
• Updated package documentation (doc.go) with configuration examples

The feature is disabled by default for backward compatibility and can be easily enabled in production environments.

Fixes #105.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

Refs: ASG-4837

[bosvos]

@copilot i've noticed that the flush() function makes a copy and then clears the original - before confirming that the logs were able to be persisted. Though not critical and i understand that this is mainly for performance reasons - is there an elegant way to walk back the logs on failure or change the order without affecting the performance too much.

[Copilot]

@copilot i've noticed that the flush() function makes a copy and then clears the original - before confirming that the logs were able to be persisted. Though not critical and i understand that thi...

Good point! I've improved the flush() function to handle persistence failures more gracefully. The solution:

1. Added flushing flag to prevent concurrent flush operations
2. Only clears logs after successful persistence - if persistence fails, logs remain in memory for retry
3. Handles new logs during persistence - correctly removes only the persisted portion
4. Maintains async performance - still uses goroutines to avoid blocking

Key changes in commit 115d2fc:

• Logs are preserved on persistence failure
• Added comprehensive test for failure scenarios
• Thread-safe handling of concurrent access during flush

This ensures data isn't lost while maintaining the performance benefits of async persistence.

[LeonLeibbrandt]

LGTM.

Make sure you update the go.mod file before merging.

[FritzOnFire]

Two small changes, but everything else LGTM

[FritzOnFire]

We should never have any executables in this repo. So we should rather change this to *.exe

[FritzOnFire]

I think we can remove this line.