refactor(core): strip middleware of in-memory dependency injection

fulleni · fulleni · commit 50f101edb28a · 2025-07-06T10:03:33.000+01:00
Removes all repository and service instantiation from the root middleware. This is a preparatory step for centralizing dependency injection in `server.dart`. The API is temporarily broken by this change.
diff --git a/routes/_middleware.dart b/routes/_middleware.dart
@@ -1,25 +1,7 @@
 import 'package:dart_frog/dart_frog.dart';
 import 'package:ht_api/src/middlewares/error_handler.dart';
-import 'package:ht_api/src/rbac/permission_service.dart';
-import 'package:ht_api/src/registry/model_registry.dart';
-import 'package:ht_api/src/services/auth_service.dart';
-import 'package:ht_api/src/services/auth_token_service.dart';
-import 'package:ht_api/src/services/dashboard_summary_service.dart';
-import 'package:ht_api/src/services/default_user_preference_limit_service.dart';
-import 'package:ht_api/src/services/jwt_auth_token_service.dart';
-import 'package:ht_api/src/services/token_blacklist_service.dart';
-import 'package:ht_api/src/services/user_preference_limit_service.dart';
-import 'package:ht_api/src/services/verification_code_storage_service.dart';
-import 'package:ht_data_inmemory/ht_data_inmemory.dart';
-import 'package:ht_data_repository/ht_data_repository.dart';
-import 'package:ht_email_inmemory/ht_email_inmemory.dart';
-import 'package:ht_email_repository/ht_email_repository.dart';
-import 'package:ht_shared/ht_shared.dart';
 import 'package:uuid/uuid.dart';
 
-// Assuming a fixed ID for the AppConfig document
-const String _appConfigId = 'app_config';
-
 // --- Request ID Wrapper ---
 
 /// {@template request_id}
@@ -62,296 +44,22 @@ class RequestId {
   final String id;
 }
 
-// --- Repository Creation Logic ---
-HtDataRepository<Headline> _createHeadlineRepository() {
-  print('Initializing Headline Repository...');
-  final initialData = headlinesFixturesData.map(Headline.fromJson).toList();
-  final client = HtDataInMemory<Headline>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    initialData: initialData,
-  );
-  print('Headline Repository Initialized with ${initialData.length} items.');
-  return HtDataRepository<Headline>(dataClient: client);
-}
-
-HtDataRepository<Category> _createCategoryRepository() {
-  print('Initializing Category Repository...');
-  final initialData = categoriesFixturesData.map(Category.fromJson).toList();
-  final client = HtDataInMemory<Category>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    initialData: initialData,
-  );
-  print('Category Repository Initialized with ${initialData.length} items.');
-  return HtDataRepository<Category>(dataClient: client);
-}
-
-HtDataRepository<Source> _createSourceRepository() {
-  print('Initializing Source Repository...');
-  final initialData = sourcesFixturesData.map(Source.fromJson).toList();
-  final client = HtDataInMemory<Source>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    initialData: initialData,
-  );
-  print('Source Repository Initialized with ${initialData.length} items.');
-  return HtDataRepository<Source>(dataClient: client);
-}
-
-HtDataRepository<Country> _createCountryRepository() {
-  print('Initializing Country Repository...');
-  final initialData = countriesFixturesData.map(Country.fromJson).toList();
-  final client = HtDataInMemory<Country>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    initialData: initialData,
-  );
-  print('Country Repository Initialized with ${initialData.length} items.');
-  return HtDataRepository<Country>(dataClient: client);
-}
-
-HtDataRepository<User> _createAdminUserRepository() {
-  print('Initializing User Repository with Admin...');
-  // This assumes `adminUserFixtureData` is available from `ht_shared`.
-  final initialData = usersFixturesData;
-  final client = HtDataInMemory<User>(
-    toJson: (u) => u.toJson(),
-    getId: (u) => u.id,
-    initialData: initialData,
-  );
-  print('User Repository Initialized with admin user.');
-  return HtDataRepository<User>(dataClient: client);
-}
-
-// New repositories for user settings and preferences
-HtDataRepository<UserAppSettings> _createUserAppSettingsRepository() {
-  print('Initializing UserAppSettings Repository...');
-  final client = HtDataInMemory<UserAppSettings>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    // User settings are created on demand, no initial fixture needed
-  );
-  print('UserAppSettings Repository Initialized.');
-  return HtDataRepository<UserAppSettings>(dataClient: client);
-}
-
-HtDataRepository<UserContentPreferences>
-_createUserContentPreferencesRepository() {
-  print('Initializing UserContentPreferences Repository...');
-  final client = HtDataInMemory<UserContentPreferences>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    // User preferences are created on demand, no initial fixture needed
-  );
-  print('UserContentPreferences Repository Initialized.');
-  return HtDataRepository<UserContentPreferences>(dataClient: client);
-}
-
-HtDataRepository<AppConfig> _createAppConfigRepository() {
-  print('Initializing AppConfig Repository...');
-  final initialData = [
-    AppConfig.fromJson(appConfigFixtureData),
-  ]; // Assuming one config
-  final client = HtDataInMemory<AppConfig>(
-    toJson: (i) => i.toJson(),
-    getId: (i) => i.id,
-    initialData: initialData,
-  );
-  print('AppConfig Repository Initialized.');
-  return HtDataRepository<AppConfig>(dataClient: client);
-}
-
-/// Middleware to asynchronously load and provide the AppConfig.
-Middleware _appConfigProviderMiddleware() {
-  return (handler) {
-    return (context) async {
-      // Read the AppConfigRepository from the context
-      final appConfigRepository = context.read<HtDataRepository<AppConfig>>();
-      // Read the AppConfig instance
-      final appConfig = await appConfigRepository.read(id: _appConfigId);
-      // Provide the AppConfig instance to downstream handlers/middleware
-      return handler(context.provide<AppConfig>(() => appConfig));
-    };
-  };
-}
-
 // --- Middleware Definition ---
 Handler middleware(Handler handler) {
-  // Initialize repositories when middleware is first created
-  // This ensures they are singletons for the server instance.
-  final headlineRepository = _createHeadlineRepository();
-  final categoryRepository = _createCategoryRepository();
-  final sourceRepository = _createSourceRepository();
-  final countryRepository = _createCountryRepository();
-  final userSettingsRepository = _createUserAppSettingsRepository(); // New
-  final userContentPreferencesRepository =
-      _createUserContentPreferencesRepository();
-  final appConfigRepository = _createAppConfigRepository();
-
-  // Instantiate the new DashboardSummaryService with its dependencies
-  final dashboardSummaryService = DashboardSummaryService(
-    headlineRepository: headlineRepository,
-    categoryRepository: categoryRepository,
-    sourceRepository: sourceRepository,
-  );
-  print('[MiddlewareSetup] DashboardSummaryService instantiated.');
-
-  const uuid = Uuid();
-
-  // --- Auth Dependencies ---
-  // User Repo with pre-loaded admin user
-  final userRepository = _createAdminUserRepository();
-  print('[MiddlewareSetup] HtDataRepository<User> with admin user instantiated.');
-  // Email Repo (using InMemory)
-  const emailRepository = HtEmailRepository(
-    emailClient: HtEmailInMemoryClient(),
-  );
-  print('[MiddlewareSetup] HtEmailRepository instantiated.');
-  // Auth Services (using JWT and in-memory implementations)
-  final tokenBlacklistService = InMemoryTokenBlacklistService();
-  print('[MiddlewareSetup] InMemoryTokenBlacklistService instantiated.');
-  // Instantiate the JWT service, passing its dependencies
-  final authTokenService = JwtAuthTokenService(
-    userRepository: userRepository,
-    blacklistService: tokenBlacklistService,
-    uuidGenerator: uuid,
-  );
-  print('[MiddlewareSetup] JwtAuthTokenService instantiated.');
-  final verificationCodeStorageService =
-      InMemoryVerificationCodeStorageService();
-  print(
-    '[MiddlewareSetup] InMemoryVerificationCodeStorageService instantiated.',
-  );
-  final authService = AuthService(
-    userRepository: userRepository,
-    authTokenService: authTokenService,
-    verificationCodeStorageService: verificationCodeStorageService,
-    emailRepository: emailRepository,
-    userAppSettingsRepository: userSettingsRepository,
-    userContentPreferencesRepository: userContentPreferencesRepository,
-    uuidGenerator: uuid,
-  );
-  print('[MiddlewareSetup] AuthService instantiated.');
-
-  // --- RBAC Dependencies ---
-  const permissionService = PermissionService();
-
-  // --- User Preference Limit Service ---
-  final userPreferenceLimitService = DefaultUserPreferenceLimitService(
-    appConfigRepository: appConfigRepository,
-  );
-  print('[MiddlewareSetup] DefaultUserPreferenceLimitService instantiated.');
-
-  // ==========================================================================
-  // IMPORTANT: The order of middleware matters significantly!
-  // Middleware is applied in layers (like an onion). A request flows "in"
-  // through the chain, hits the route handler, and the response flows "out".
-  // Providers must be added *before* the middleware/handlers that read them.
-  // Error handlers should typically be placed late in the "request" phase
-  // (or early in the "response" phase) to catch errors from upstream.
-  // ==========================================================================
+  // This middleware chain will be rebuilt in a later step.
+  // For now, it only provides a request ID and basic error handling.
   return handler
-      // Add the asynchronous AppConfig provider middleware here
-      .use(_appConfigProviderMiddleware())
-      // --- 1. Request ID Provider (Early Setup) ---
-      // PURPOSE: Generates a unique ID (UUID v4) for each incoming request.
-      //          Provides `RequestId` instance via context.
-      // ORDER:   Placed *very early* so the ID is available for logging and
-      //          tracing throughout the entire request lifecycle in all
-      //          subsequent middleware and handlers.
-      .use((innerHandler) {
-        return (context) {
-          final requestIdValue = uuid.v4();
-          final requestId = RequestId(requestIdValue);
-          // Provide the RequestId instance to downstream handlers/middleware
-          return innerHandler(context.provide<RequestId>(() => requestId));
-        };
-      })
-      // --- 2. Model Registry Provider (Early Setup) ---
-      // PURPOSE: Provides the `ModelRegistry` map for dynamic JSON
-      //          serialization/deserialization lookups.
-      // ORDER:   Needed by some repository clients or handlers dealing with
-      //          generic data types. Placed early, after RequestId.
-      .use(modelRegistryProvider)
-      // --- 3. Repository Providers (Core Data Access) ---
-      // PURPOSE: Provide singleton instances of all data repositories.
-      // ORDER:   These MUST be provided BEFORE any middleware or route handlers
-      //          that need to interact with data (e.g., AuthService,
-      //          authenticationProvider indirectly via AuthService/TokenService,
-      //          specific route logic).
-      .use(provider<HtDataRepository<Headline>>((_) => headlineRepository))
-      .use(provider<HtDataRepository<Category>>((_) => categoryRepository))
-      .use(provider<HtDataRepository<Source>>((_) => sourceRepository))
-      .use(provider<HtDataRepository<Country>>((_) => countryRepository))
-      .use(
-        provider<HtDataRepository<User>>((_) => userRepository),
-      ) // Used by Auth services
-      .use(
-        provider<HtEmailRepository>((_) => emailRepository),
-      ) // Used by AuthService
-      // New Repositories for User Settings and Preferences
-      .use(
-        provider<HtDataRepository<UserAppSettings>>(
-          (_) => userSettingsRepository,
-        ),
-      )
-      .use(
-        provider<HtDataRepository<UserContentPreferences>>(
-          (_) => userContentPreferencesRepository,
-        ),
-      )
-      .use(provider<HtDataRepository<AppConfig>>((_) => appConfigRepository))
-      // ORDER:   These MUST be provided BEFORE `authenticationProvider` and
-      //          any route handlers that perform authentication/authorization.
-      //          - `Uuid` is used by `AuthService` and `JwtAuthTokenService`.
-      //          - `AuthTokenService` is read by `authenticationProvider`.
-      //          - `AuthService` uses several repositories and `AuthTokenService`.
-      //          - `VerificationCodeStorageService` is used by `AuthService`.
-      //          - `TokenBlacklistService` is used by `JwtAuthTokenService`.
-      .use(provider<Uuid>((_) => uuid)) // Read by AuthService & TokenService
-      .use(
-        provider<TokenBlacklistService>((_) => tokenBlacklistService),
-      ) // Read by AuthTokenService
-      .use(
-        provider<AuthTokenService>((_) => authTokenService),
-      ) // Read by AuthService
-      .use(
-        provider<VerificationCodeStorageService>(
-          (_) => verificationCodeStorageService,
-        ),
-      ) // Read by AuthService
-      .use(
-        provider<AuthService>((_) => authService),
-      ) // Reads other services/repos
-      .use(provider<DashboardSummaryService>((_) => dashboardSummaryService))
-      // --- 5. RBAC Service Provider ---
-      // PURPOSE: Provides the PermissionService for authorization checks.
-      // ORDER:   Must be provided before any middleware or handlers that use it
-      //          (e.g., authorizationMiddleware).
-      .use(provider<PermissionService>((_) => permissionService))
-      // --- 6. User Preference Limit Service Provider --- // New
-      // PURPOSE: Provides the service for enforcing user preference limits.
-      // ORDER:   Must be provided before any handlers that use it (specifically
-      //          the generic data route handlers for UserContentPreferences).
       .use(
-        provider<UserPreferenceLimitService>((_) => userPreferenceLimitService),
+        (innerHandler) {
+          return (context) {
+            // In a later step, the Uuid instance will be provided from server.dart
+            // For now, we create it here.
+            const uuid = Uuid();
+            final requestId = RequestId(uuid.v4());
+            return innerHandler(context.provide<RequestId>(() => requestId));
+          };
+        },
       )
-      // --- 7. Request Logger (Logging) ---
-      // PURPOSE: Logs details about the incoming request and outgoing response.
-      // ORDER:   Often placed late in the request phase / early in the response
-      //          phase. Placing it here logs the request *before* the handler
-      //          runs and the response *after* the handler (and error handler)
-      //          completes. Can access `RequestId` and potentially `User?`.
       .use(requestLogger())
-      // --- 8. Error Handler (Catch-All) ---
-      // PURPOSE: Catches exceptions thrown by upstream middleware or route
-      //          handlers and converts them into standardized JSON error responses.
-      // ORDER:   MUST be placed *late* in the chain (typically last before the
-      //          actual handler is invoked by the framework, or first in the
-      //          response processing flow) so it can catch errors from
-      //          everything that came before it (providers, auth middleware,
-      //          route handlers). If placed too early, it won't catch errors
-      //          from middleware/handlers defined after it.
       .use(errorHandler());
 }
