fix: Pass initialized session to verifyMiddleware

[thostetler]

verifyMiddleware created a new session instance instead of reusing the initialized one, this caused a race condition where verify endpoints couldn't access the token

Solution

• Pass session as parameter to verifyMiddleware
• Reuse the session initialized in main middleware
• Updated all tests to pass session directly

Testing

This was affecting the verify workflow

1. Register for a new account on dev
2. Get the verify link from your email
3. Change the domain to localhost and try to curl it (loading in the browser doesn't trigger the bug)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.3%. Comparing base (ad159a6) to head (52cb936).

Additional details and impacted files

@@           Coverage Diff            @@
##           master    #742     +/-   ##
========================================
+ Coverage    72.3%   72.3%   +0.1%     
========================================
  Files         221     220      -1     
  Lines       24803   24752     -51     
  Branches     1463    1462      -1     
========================================
- Hits        17929   17894     -35     
+ Misses       6833    6817     -16     
  Partials       41      41             

Files with missing lines	Coverage Δ
src/middleware.ts	94.7% <100.0%> (ø)
src/middlewares/verifyMiddleware.ts	91.8% <100.0%> (-0.1%)	⬇️

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.