patrick/sojorn
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
sojorn/sojorn_docs/troubleshooting/READ_FIRST.md
Patrick Britton 38653f5854 Sojorn Backend Finalization & Cleanup - Complete Migration from Supabase 
##  Phase 1: Critical Feature Completion (Beacon Voting)
- Add VouchBeacon, ReportBeacon, RemoveBeaconVote methods to PostRepository
- Implement beacon voting HTTP handlers with confidence score calculations
- Register new beacon routes: /beacons/:id/vouch, /beacons/:id/report, /beacons/:id/vouch (DELETE)
- Auto-flag beacons at 5+ reports, confidence scoring (0.5 base + 0.1 per vouch)

##  Phase 2: Feed Logic & Post Distribution Integrity
- Verify unified feed logic supports all content types (Standard, Quips, Beacons)
- Ensure proper distribution: Profile Feed + Main/Home Feed for followers
- Beacon Map integration for location-based content
- Video content filtering for Quips feed

##  Phase 3: The Notification System
- Create comprehensive NotificationService with FCM integration
- Add CreateNotification method to NotificationRepository
- Implement smart deep linking: beacon_map, quip_feed, main_feed
- Trigger notifications for beacon interactions and cross-post comments
- Push notification logic with proper content type detection

##  Phase 4: The Great Supabase Purge
- Delete function_proxy.go and remove /functions/:name route
- Remove SupabaseURL, SupabaseKey from config.go
- Remove SupabaseID field from User model
- Clean all Supabase imports and dependencies
- Sanitize codebase of legacy Supabase references

##  Phase 5: Flutter Frontend Integration
- Implement vouchBeacon(), reportBeacon(), removeBeaconVote() in ApiService
- Replace TODO delay in video_comments_sheet.dart with actual publishComment call
- Fix compilation errors (named parameters, orphaned child properties)
- Complete frontend integration with Go API endpoints

##  Additional Improvements
- Fix compilation errors in threaded_comment_widget.dart (orphaned child property)
- Update video_comments_sheet.dart to use proper named parameters
- Comprehensive error handling and validation
- Production-ready notification system with deep linking

##  Migration Status: 100% Complete
- Backend: Fully migrated from Supabase to custom Go/Gin API
- Frontend: Integrated with new Go endpoints
- Notifications: Complete FCM integration with smart routing
- Database: Clean of all Supabase dependencies
- Features: All functionality preserved and enhanced

Ready for VPS deployment and production testing!
2026-01-30 09:24:31 -06:00

49 lines
2.6 KiB
Markdown
Raw Blame History

# ARCHITECTURAL CONSTRAINT: SUPABASE AUTHENTICATION & TOKEN MANAGEMENT
**CRITICAL RULE:** You are STRICTLY FORBIDDEN from implementing manual JWT refresh logic, manual token expiration checks, or custom 401 retry loops in `ApiService` or any other service.
**Context:**
The Supabase Flutter SDK (`supabase_flutter`) manages the session lifecycle, token refreshing, and persistence automatically. Previous attempts to manually refresh sessions created a race condition with the SDK, triggering Supabase's "Token Reuse Detection," which invalidates the user's entire session family and logs them out.
**Enforcement Guidelines:**
1. **NO Manual Refreshes:**
* Never call `supabase.auth.refreshSession()` manually inside API interceptors or service methods.
* Never strictly check `session.expiresAt` before making a call. Trust the SDK to handle the header.
* **Forbidden Pattern:** `if (tokenExpired) await refreshSession();`
2. **NO Custom 401 Handling:**
* Do not wrap API calls in `try/catch` blocks that specifically catch `401 Unauthorized` to attempt a re-login or refresh.
* If a `401` occurs, allow the error to bubble up. The app's `AuthGate` (listening to the `onAuthStateChange` stream) will handle the logout naturally.
3. **Required Initialization Pattern (`main.dart`):**
* Always initialize Supabase with the PKCE flow to ensure stability on mobile.
* **Code Standard:**
```dart
await Supabase.initialize(
url: ...,
anonKey: ...,
authOptions: const FlutterAuthClientOptions(
authFlowType: AuthFlowType.pkce, // MANDATORY
autoRefreshToken: true,
),
);
```
4. **Required Edge Function Call Pattern (`api_service.dart`):**
* Use the SDK's `functions.invoke` method. It automatically injects the correct, fresh Bearer token.
* **Code Standard:**
```dart
// DO THIS:
final response = await _supabase.functions.invoke('function-name', ...);
// DO NOT DO THIS:
// final token = _supabase.auth.currentSession.accessToken;
// final response = http.post(..., headers: {'Authorization': 'Bearer $token'});
```
5. **State Management (`auth_provider.dart`):**
* User state must always be derived reactively from `supabase.auth.authStateChanges`. Never rely on a static `User?` variable that might become stale.
**Correction Protocol:**
If you encounter code that violates these rules (e.g., variables like `_refreshCooldown` or `_refreshInFlight`), **DELETE IT IMMEDIATELY** and refactor to use the standard SDK methods.
Reference in a new issue View git blame Copy permalink