refactor: deepen three architectural seams across auth and metrics#129
Merged
Conversation
Three candidates from the architecture review: 1. HashToken absorbed into TokenUseCase — raw bearer tokens flow directly to Authenticate/Revoke; SHA-256 hashing is internal. TokenService no longer exposes HashToken, and TokenHandler drops its tokenService field. 2. Dead ClientHandler.auditLogUseCase field removed — the dependency was injected but never called across all 294 lines of the handler. 3. Metrics decorators eliminated — BusinessMetrics inlined into all seven use case structs via a named-return defer pattern. metrics.Record gains a nil guard so callers pass nil when metrics are disabled. Deleted 10 decorator files (5 implementations + 5 test files). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
TokenUseCase— raw bearer tokens now flow directly toAuthenticateandRevoke; SHA-256 hashing is an internal implementation detail.TokenService.HashTokenremoved;TokenHandlerand the authentication middleware drop theirtokenServicedependency.ClientHandler.auditLogUseCasefield deleted — the dependency was injected but never called across all 294 lines of the handler; removed from the struct, constructor, and DI wiring.BusinessMetricsinlined into all seven use case structs via a named-return + defer pattern.metrics.Recordgains a nil guard so callers passnilwhen metrics are disabled. Deleted 10 decorator files (5 implementations + 5 test suites, ~2 500 lines).Test plan
make test— 1 447 unit tests passmake test-with-db— 1 717 tests pass (unit + integration)🤖 Generated with Claude Code