Skip to content

Epic: Startup Production Readiness & Architecture Hardening #10

Description

@viceda-s

Epic: Architecture Hardening & Production Readiness

🎯 Objective

Upgrade the current backend architecture to meet production-grade standards for scalability, security, and operational resilience. This epic tracks the resolution of key technical debt items and architectural optimizations required for deployment in high-availability cloud environments.


🔒 Security & Reliability

Task 1: Refactor Rate Limiting Strategy for Cloud Proxies

Context: The current rate-limiting implementation relies on the remote address of the incoming request. In a cloud environment, this yields the IP address of the reverse proxy or load balancer, inadvertently aggregating traffic limits across all users.

Task 2: Standardize JWT Exception Handling

Context: Token validation exceptions are currently caught without subsequent logging or propagation, reducing auditability and complicating authentication troubleshooting.


🚀 Performance & Persistence Optimization

Task 3: Optimize Entity Fetching and Eliminate N+1 Queries

Context: The application currently issues sequential database queries when resolving entity collections (e.g., retrieving exercises for a workout plan). Furthermore, default eager fetching on @ManyToOne relationships causes cascading load profiles.

Task 4: Enforce Transactional Boundaries

Context: Service-layer mutations lack explicit transaction boundaries, creating a reliance on the Open Session In View (OSIV) pattern and increasing the risk of data inconsistency during partial failures.

Task 5: Refactor Entity Boilerplate (Lombok)

Context: The usage of @Data on JPA entities automatically generates exhaustive equals(), hashCode(), and toString() methods, which can inadvertently trigger lazy collections and degrade performance.


🛡️ Data Integrity & Error Handling

Task 6: Implement Robust Conflict Resolution (409)

Context: Concurrent registration attempts may trigger unexpected generic internal server errors due to unhandled database unique constraint violations.


📡 API Design Standards

Task 7: Introduce API Versioning and Pagination

Context: To ensure long-term client compatibility and safeguard server memory limits, the API requires versioning and constrained payload sizes on collection endpoints.


🛠️ Operations & Observability

Task 8: Implement Telemetry and Health Checks

Context: The service lacks standard endpoints for orchestration platforms to assess application health and readiness.

Task 9: Establish Integration Testing Infrastructure

Context: Relying strictly on mocked unit tests limits confidence in complex database interactions, transaction lifecycle management, and JPA mappings.

Metadata

Metadata

Assignees

No one assigned

    Labels

    epicEpic tracking issue

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions