flutter-news-app-full-source-code · fulleni · Oct 24, 2025 · Oct 24, 2025 · Oct 24, 2025
diff --git a/README.md b/README.md
@@ -17,92 +17,79 @@ This repository contains the complete, production-ready source code for a high-p
 
 ## ⭐ Feature Showcase: Everything You Get, Ready to Go
 
-This API server comes packed with all the backend features you need to launch a professional and scalable news application.
+This API is the powerful, secure, and scalable core of the entire news toolkit. Built on a high-performance Dart Frog foundation, it provides a complete backend solution designed for maintainability and rapid development.
 
-Click on any category to explore.
+Explore the high-level domains below to see how.
 
 <details>
 <summary><strong>🔐 Identity & Access Management</strong></summary>
 
-### 📧 Passwordless & Anonymous Authentication
-- **Modern Flows:** Implements secure, passwordless email + code sign-in and allows users to start with anonymous guest accounts.
-- **Seamless Account Linking:** Intelligently converts guest users to permanent accounts upon sign-up, migrating all their data (preferences, saved items) automatically.
-> **Your Advantage:** You get a modern, frictionless, and secure user onboarding experience that reduces user friction and encourages sign-ups.
+### 🛡️ Modern, Secure Authentication
+A complete identity system provides a frictionless and secure user journey from the very first interaction.
+- **Flexible Onboarding:** Supports modern, passwordless sign-in for registered users and seamless anonymous access for guests, reducing barriers to entry.
+- **Intelligent Account Conversion:** Automatically migrates all user data—including preferences and saved content—when a guest user creates a permanent account.
+- **Robust Session Control:** Uses industry-standard JWTs for stateless sessions and includes a token blacklisting service to ensure sessions are instantly and securely terminated upon sign-out.
+> **Your Advantage:** You get a complete, modern, and secure user management system out of the box, covering the entire user lifecycle from guest to registered user.
 
 ---
 
-### 🛡️ Secure Session Management
-- **JWT-Powered:** Uses industry-standard JSON Web Tokens (JWTs) for robust and stateless session management.
-- **Instant Session Invalidation:** A token blacklisting service ensures that when a user signs out, their session is immediately and securely terminated.
-> **Your Advantage:** Deliver a highly secure authentication system that protects user data and gives you full control over sessions.
+### 👮 Granular, Role-Based Security
+A sophisticated and flexible security model ensures that users and administrators can only access and modify the data they are permitted to.
+- **Multi-Layered Access Control:** Defines distinct permission sets for different user classes, such as mobile app consumers and dashboard administrators, ensuring a clear separation of capabilities.
+- **Automated Ownership Enforcement:** Built-in middleware automatically verifies data ownership before any modification or deletion request is processed, preventing unauthorized actions.
+> **Your Advantage:** Easily enforce complex business rules and security policies. The architecture guarantees data integrity and provides a secure foundation for scaling your user base.
 
 ---
 
-### 👮 Granular Role-Based Access Control (RBAC)
-- **Permission-Driven:** A flexible RBAC system controls what users can do based on their assigned roles (`AppUserRole`, `DashboardUserRole`).
-- **Ownership Verification:** Built-in middleware automatically checks if a user owns a piece of data before allowing them to modify or delete it.
-> **Your Advantage:** Easily enforce complex business rules and security policies, ensuring users can only access and manage the data they are supposed to.
-
----
-
-### 🚦 API Abuse Prevention
-- **Smart Rate Limiting:** Protects critical endpoints like `request-code` and the main data API from brute-force attacks, spam, and denial-of-service attempts.
-- **IP & User-Based:** Applies rate limits based on IP for anonymous users and by user ID for authenticated users, providing fair and effective protection.
-> **Your Advantage:** Your API is shielded from common threats, ensuring high availability and stability for your legitimate users.
+### 🚦 Automated API Protection
+The API is shielded from common threats with intelligent, built-in abuse prevention mechanisms.
+- **Smart Rate Limiting:** Protects critical endpoints from brute-force attacks and denial-of-service attempts by applying fair and effective limits based on IP address for guests and user ID for authenticated users.
+> **Your Advantage:** Ensure high availability and stability for your application. This automated defense layer protects your infrastructure and preserves a quality experience for legitimate users.
 
 </details>
 
 <details>
 <summary><strong>📦 Dynamic Content & Data API</strong></summary>
 
-### ⚙️ Generic & Extensible Data API
-- **Unified Data Gateway:** A single, powerful set of RESTful endpoints (`/api/v1/data`) serves as a central gateway for all data operations. It uses a simple `?model=` query parameter to dynamically handle CRUD requests for any data type in the system—Headlines, Topics, User Preferences, and more.
-- **Metadata-Driven Engine:** Instead of hardcoding routes for each data type, the API uses a central registry. This registry defines everything about a model—its permissions, validation rules, and how it connects to the database—in one place.
-> **Your Advantage:** This architecture is incredibly clean and scalable. Adding a completely new data type to your application, with its own unique permissions and logic, doesn't require writing new boilerplate API routes. You simply define its metadata in the central registry, and the generic endpoint handles the rest, dramatically speeding up development and reducing code duplication.
+### ⚙️ A Radically Efficient Data Engine
+Instead of a rigid collection of hardcoded routes, the API is built around a single, unified data gateway. This metadata-driven architecture dramatically accelerates development and enhances scalability.
+- **Unified Data Endpoint:** A central engine handles all data operations (CRUD) for every data type in the system—from articles and topics to user preferences and beyond.
+- **Metadata-Driven Logic:** To add a completely new data type to your application, you simply define its rules—permissions, validation, and database connections—in a central registry. The engine handles the rest automatically.
+> **Your Advantage:** This architecture eliminates boilerplate code and massively speeds up development. You can add new features and data models to your application without writing new API routes, enabling you to innovate and scale at a much faster pace.
 
 ---
 
-### 🔍 Advanced Querying & Pagination
-- **Rich Filtering:** Supports complex, MongoDB-style filtering directly through the API.
-- **Flexible Sorting & Pagination:** Allows for multi-field sorting and efficient cursor-based pagination to handle large datasets.
-> **Your Advantage:** Enable powerful, high-performance content discovery features in your client applications (like filtering, sorting, and infinite scrolling) with no extra backend work.
+### 🔍 Advanced Querying & Performance
+The data API is equipped with powerful querying capabilities, enabling rich, high-performance content discovery features in your client applications.
+- **Complex Filtering & Sorting:** Supports deep, multi-parameter filtering and flexible, multi-field sorting directly through the API.
+- **High-Performance Pagination:** Utilizes efficient cursor-based pagination to handle massive datasets gracefully, perfect for infinite-scrolling feeds.
+> **Your Advantage:** Empower your mobile and web clients with powerful data discovery features right out of the box, without needing to write any extra backend logic.
 
 </details>
 
 <details>
 <summary><strong>🏗️ Architecture & Infrastructure</strong></summary>
 
-### 🚀 High-Performance Dart Frog Core
-- **Modern & Fast:** Built on Dart Frog, a minimalist and extremely fast backend framework from the creators of Very Good Ventures, ensuring excellent performance and low latency.
-> **Your Advantage:** Your backend is built on a solid, modern foundation that is both powerful and easy to work with.
-
----
-
-### 🧱 Clean, Layered Architecture
-- **Separation of Concerns:** Strictly follows a layered architecture (Data Clients, Repositories, Services) that is clean, maintainable, and scalable.
-- **Standardized Responses:** Consistent JSON response structures for both success and error scenarios make client-side handling predictable and simple.
-> **Your Advantage:** You get a codebase that is easy to understand, modify, and extend, saving you significant development and maintenance time.
-
----
-
-### 🔌 Robust Dependency Injection
-- **Testable & Modular:** A centralized dependency injection system makes the entire application highly modular and easy to test.
-- **Swappable Implementations:** Easily swap out core components—like the database (MongoDB), email provider (SendGrid), or storage services—without rewriting your business logic.
-> **Your Advantage:** The architecture is not locked into specific services. You have the freedom to adapt and evolve your tech stack as your needs change.
+### 🚀 High-Performance by Design
+Built on a modern, minimalist foundation to ensure low latency and excellent performance.
+- **Dart Frog Core:** Leverages the high-performance Dart Frog framework for a fast, efficient, and scalable backend.
+- **Clean, Layered Architecture:** A strict separation of concerns into distinct layers makes the codebase clean, maintainable, and easy to reason about.
+> **Your Advantage:** Your backend is built on a solid, modern foundation that is both powerful and a pleasure to work with, reducing maintenance overhead.
 
 ---
 
-### ⚙️ Secure Environment Configuration
-- **Secure & Flexible:** Manages all sensitive keys, API credentials, and environment-specific settings through a `.env` file, keeping your secrets out of the codebase.
-> **Your Advantage:** Deploy your application across different environments (local, staging, production) safely and efficiently.
+### 🔌 Extensible & Unlocked
+The entire application is designed with a robust dependency injection system, giving you the freedom to choose your own infrastructure.
+- **Swappable Implementations:** Easily swap out core components—like the database, email provider, or file storage service—without rewriting business logic.
+> **Your Advantage:** Avoid vendor lock-in and future-proof your application. You have the freedom to adapt and evolve your tech stack as your business needs change.
 
 ---
 
-### 🔄 Automated Database Migrations
-- **PR-Driven Schema Evolution:** Implements a robust, versioned database migration system that automatically applies schema changes to MongoDB on application startup.
-- **Idempotent & Generic:** Each migration is idempotent and designed to handle schema evolution for *any* model in the database, ensuring data consistency across deployments.
-- **Traceable Versioning:** Migrations are identified by their Pull Request merge date (`prDate` in `YYYYMMDDHHMMSS` format) for chronological execution, a concise `prSummary`, and a direct `prId` (GitHub PR ID) for full traceability.
-> **Your Advantage:** Say goodbye to manual database updates! Your application gracefully handles schema changes, providing a professional and reliable mechanism for evolving your data models without breaking existing data, with clear links to the originating code changes.
+### 🔄 Automated & Traceable Database Migrations
+Say goodbye to risky manual database updates. A professional, versioned migration system ensures your database schema evolves safely and automatically.
+- **Code-Driven Schema Evolution:** The system automatically applies schema changes to your database on application startup, ensuring consistency across all environments.
+- **Traceable to Source:** Each migration is versioned and directly linked to the pull request that initiated it, providing a clear, auditable history of every change.
+> **Your Advantage:** Deploy with confidence. This robust system eliminates an entire class of deployment errors, ensuring your data models evolve gracefully and reliably with full traceability.
 
 </details>
 

diff --git a/pubspec.lock b/pubspec.lock
@@ -5,10 +5,10 @@ packages:
     dependency: transitive
     description:
       name: _fe_analyzer_shared
-      sha256: dd3d2ad434b9510001d089e8de7556d50c834481b9abc2891a0184a8493a19dc
+      sha256: c209688d9f5a5f26b2fb47a188131a6fb9e876ae9e47af3737c0b4f58a93470d
       url: "https://pub.dev"
     source: hosted
-    version: "89.0.0"
+    version: "91.0.0"
   adaptive_number:
     dependency: transitive
     description:
@@ -21,10 +21,10 @@ packages:
     dependency: transitive
     description:
       name: analyzer
-      sha256: c22b6e7726d1f9e5db58c7251606076a71ca0dbcf76116675edfadbec0c9e875
+      sha256: a40a0cee526a7e1f387c6847bd8a5ccbf510a75952ef8a28338e989558072cb0
       url: "https://pub.dev"
     source: hosted
-    version: "8.2.0"
+    version: "8.4.0"
   archive:
     dependency: transitive
     description:
@@ -117,11 +117,11 @@ packages:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.3.0"
-      resolved-ref: ee2ad7de28baec04d64c0afd3e3a61d7e4ad6cb0
+      ref: "v1.3.1"
+      resolved-ref: a03efff11b7577974cb444a1a6a46fee8b05ea42
       url: "https://github.com/flutter-news-app-full-source-code/core.git"
     source: git
-    version: "1.3.0"
+    version: "1.3.1"
   coverage:
     dependency: transitive
     description:
@@ -142,45 +142,45 @@ packages:
     dependency: "direct main"
     description:
       name: dart_frog
-      sha256: "84b8f82413f622dfdcfba6982522f8752ece09b49fea9a35f8794a0b2bc357e4"
+      sha256: "0fc909d10ae79dd069e6a3a4769aeaa9839c93b7f6f1e71cfd37b276410875e7"
       url: "https://pub.dev"
     source: hosted
-    version: "1.2.3"
+    version: "1.2.4"
   dart_jsonwebtoken:
     dependency: "direct main"
     description:
       name: dart_jsonwebtoken
-      sha256: "21ce9f8a8712f741e8d6876a9c82c0f8a257fe928c4378a91d8527b92a3fd413"
+      sha256: "0de65691c1d736e9459f22f654ddd6fd8368a271d4e41aa07e53e6301eff5075"
       url: "https://pub.dev"
     source: hosted
-    version: "3.2.0"
+    version: "3.3.1"
   data_client:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: b9a8a8c2c660928c22f2d38d657000bcae4c74d6
+      ref: "v1.0.1"
+      resolved-ref: "61e693e22e05c279a41304c98d68d96424b96df6"
       url: "https://github.com/flutter-news-app-full-source-code/data-client.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   data_mongodb:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: f55b686acdbc0af9c617df4833733a07f9208b57
+      ref: "v1.0.1"
+      resolved-ref: a353f46f48019b0fc8e9180cf4061623adcd2b99
       url: "https://github.com/flutter-news-app-full-source-code/data-mongodb.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   data_repository:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: "7f9242d810d60fefd2f883b19e1650e8e4eb41a3"
+      ref: "v1.0.1"
+      resolved-ref: "3e9115fc5229a6e84b81f44b74bc7df47824a00e"
       url: "https://github.com/flutter-news-app-full-source-code/data-repository.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   decimal:
     dependency: transitive
     description:
@@ -225,29 +225,29 @@ packages:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: "31faf0e429aeea519204dfdd26afdba36ea1d8dc"
+      ref: "v1.0.1"
+      resolved-ref: "2e4b468c96e60e7f899ec28c02389c5ce0b578fa"
       url: "https://github.com/flutter-news-app-full-source-code/email-client.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   email_repository:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: "2be152f3c48acd35d0a79a01d7258a4e8e8ab399"
+      ref: "v1.0.1"
+      resolved-ref: e0a04e22bce1e891e6c3b35f83a30c3a8800b044
       url: "https://github.com/flutter-news-app-full-source-code/email-repository.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   email_sendgrid:
     dependency: "direct main"
     description:
       path: "."
-      ref: "v1.0.0"
-      resolved-ref: f28572a0c0598348391df7701a205249f2454031
+      ref: "v1.0.1"
+      resolved-ref: "9eb355fe901823cf9062472a545efc5302ba9168"
       url: "https://github.com/flutter-news-app-full-source-code/email-sendgrid.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   equatable:
     dependency: transitive
     description:
@@ -317,10 +317,10 @@ packages:
     description:
       path: "."
       ref: "v1.0.1"
-      resolved-ref: ce550196f78ee2e95aa9e985759179265983689d
+      resolved-ref: "22a1531a279769ec472f698e9c727cd2c29a81b9"
       url: "https://github.com/flutter-news-app-full-source-code/http-client.git"
     source: git
-    version: "0.0.0"
+    version: "1.0.1"
   http_methods:
     dependency: transitive
     description:
@@ -549,10 +549,10 @@ packages:
     dependency: transitive
     description:
       name: shelf_hotreload
-      sha256: d7099618b18d3c63ba5272491c1812c306629495129ef9996115f0417902f963
+      sha256: "449f68ce2d087a030c2bfbb40e6925c63fac3dcb502a67388a7139ce72102e7a"
       url: "https://pub.dev"
     source: hosted
-    version: "1.5.0"
+    version: "1.6.0"
   shelf_packages_handler:
     dependency: transitive
     description:
@@ -685,10 +685,10 @@ packages:
     dependency: transitive
     description:
       name: unorm_dart
-      sha256: "8e3870a1caa60bde8352f9597dd3535d8068613269444f8e35ea8925ec84c1f5"
+      sha256: "0c69186b03ca6addab0774bcc0f4f17b88d4ce78d9d4d8f0619e30a99ead58e7"
       url: "https://pub.dev"
     source: hosted
-    version: "0.3.1+1"
+    version: "0.3.2"
   uuid:
     dependency: transitive
     description:
@@ -725,10 +725,10 @@ packages:
     dependency: transitive
     description:
       name: watcher
-      sha256: "5bf046f41320ac97a469d506261797f35254fa61c641741ef32dacda98b7d39c"
+      sha256: "592ab6e2892f67760543fb712ff0177f4ec76c031f02f5b4ff8d3fc5eb9fb61a"
       url: "https://pub.dev"
     source: hosted
-    version: "1.1.3"
+    version: "1.1.4"
   web:
     dependency: transitive
     description:

diff --git a/pubspec.yaml b/pubspec.yaml
@@ -12,34 +12,34 @@ dependencies:
   core:
     git:
       url: https://github.com/flutter-news-app-full-source-code/core.git
-      ref: v1.3.0
+      ref: v1.3.1
   dart_frog: ^1.1.0
   dart_jsonwebtoken: ^3.2.0
   data_client:
     git:
       url: https://github.com/flutter-news-app-full-source-code/data-client.git
-      ref: v1.0.0
+      ref: v1.0.1
   data_mongodb:
     git:
       url: https://github.com/flutter-news-app-full-source-code/data-mongodb.git
-      ref: v1.0.0
+      ref: v1.0.1
   data_repository:
     git:
       url: https://github.com/flutter-news-app-full-source-code/data-repository.git
-      ref: v1.0.0
+      ref: v1.0.1
   dotenv: ^4.2.0
   email_client:
     git:
       url: https://github.com/flutter-news-app-full-source-code/email-client.git
-      ref: v1.0.0
+      ref: v1.0.1
   email_repository:
     git:
       url: https://github.com/flutter-news-app-full-source-code/email-repository.git
-      ref: v1.0.0
+      ref: v1.0.1
   email_sendgrid:
     git:
       url: https://github.com/flutter-news-app-full-source-code/email-sendgrid.git
-      ref: v1.0.0
+      ref: v1.0.1
   http_client:
     git:
       url: https://github.com/flutter-news-app-full-source-code/http-client.git
@@ -55,8 +55,3 @@ dev_dependencies:
   test: ^1.25.5
   very_good_analysis: ^9.0.0
 
-dependency_overrides:
-  core:
-    git:
-      url: https://github.com/flutter-news-app-full-source-code/core.git
-      ref: v1.3.0