Skip to content

refactor(server): strip Express to Supabase-ready shell#8

Merged
cH0NKIIs34L merged 2 commits intomainfrom
refactor/supabase-server-cleanup
Apr 13, 2026
Merged

refactor(server): strip Express to Supabase-ready shell#8
cH0NKIIs34L merged 2 commits intomainfrom
refactor/supabase-server-cleanup

Conversation

@cH0NKIIs34L
Copy link
Copy Markdown
Member

@cH0NKIIs34L cH0NKIIs34L commented Apr 13, 2026
edited
Loading

Summary

Remove all Express auth, CRUD, and database layers now superseded by
Supabase, leaving the server as a minimal shell with a health endpoint.

What Changed

  • app.js — removed Passport init, EJS view engine, static assets
  • index.routes.js — replaced all route mounts with GET /api/health
  • app.middleware.js — removed Passport, cookie-parser, static, EJS
  • error.middleware.js — removed clearAuthCookie dependency (auth is Supabase now)
  • server/package.json — removed all Prisma scripts and dead dependencies
  • .github/workflows/ci.yml — removed PostgreSQL service container, DATABASE_URL, and Prisma steps
  • Deleted: all route files, all controllers, all validators, Passport config, cookie utilities, all db/queries files, pool.js, prisma.js, all related integration and unit tests

What

This PR reduces the Express server to a minimal shell — CORS, body
parsing, error handling, and a single health check endpoint — with all
auth and CRUD concerns now owned by Supabase on the client side.

Why

The server previously owned auth (Passport/JWT), all database access
(Prisma/pg), and cookie management. With those concerns migrated to
Supabase in Epics 2 and 3, the remaining server code is dead weight
that would break on startup due to missing environment variables and
uninstalled packages.

How

  • All deleted files are pure dead code after the Supabase migration —
    nothing in the client imports from server routes or controllers
  • error.middleware.js no longer calls clearAuthCookie since there
    is no cookie-based auth session to clear
  • app.middleware.js retains only CORS and body parsing — the minimum
    needed for a JSON API server
  • The CI pipeline test-server job no longer provisions a PostgreSQL
    service container or sets DATABASE_URL / JWT_SECRET, since the
    server has no database connection
  • server/package.json retains only express, cors, dotenv,
    @supabase/supabase-js, and the dev toolchain — all Prisma, Passport,
    bcrypt, JWT, pg, and express-validator packages removed
  • The two remaining test files (app.middleware.test.js and
    error.middleware.test.js) are updated to remove mocks for deleted
    dependencies so they pass cleanly

Testing

  • Verified GET /api/health returns { status: "ok" } with a 200
  • Verified npm test passes in server/ with only middleware tests remaining
  • Verified npm install runs clean after package.json cleanup

Pre-Merge Checklist

  • Synced with main before opening this PR
  • All tests pass locally (npm test in both client/ and server/)
  • No console.log left in production code
  • Self-reviewed my own diff before requesting review
  • Added or updated tests for the changes made
  • No new ESLint errors (npm run lint)

@cH0NKIIs34L
refactor(server): strip Express to health-check shell
b0c56d4 
All auth, user, admin, and search logic previously handled by
Express is now managed directly by Supabase on the client side.
The server no longer owns any database access or auth concerns,
so keeping those routes and controllers creates dead code and
leaves unused dependencies in the bundle.

This removes all route handlers, controllers, validators, Passport
config, cookie utilities, and the Prisma/pg database layer, leaving
a minimal Express app that serves a single GET /api/health endpoint.
@cH0NKIIs34L
chore(server): remove Prisma artefacts and update docs for Supabase
aef1a24 
Prisma config, migrations, schema, and the generated client output
are no longer relevant now that Supabase owns the database. The CI
pipeline still referenced a PostgreSQL service container and
DATABASE_URL that no longer exist. The setup guide still walked
through PostgreSQL local installation which is no longer the setup
path for this project.
@cH0NKIIs34L cH0NKIIs34L merged commit 2e59b84 into main Apr 13, 2026
1 of 2 checks passed
@cH0NKIIs34L cH0NKIIs34L deleted the refactor/supabase-server-cleanup branch April 13, 2026 01:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

chore refactor

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cH0NKIIs34L