Clean up chat service: remove localhost fallbacks, verbose comments, and unnecessary code

- Remove localhost fallbacks from CORS configuration
- Remove fallback token from internal routes
- Remove verbose comments from handlers, routes, and middleware
- Clean up performance-related comments
- Remove unnecessary fallback comments

Author: StephaneWamba

services/chat/src/handlers/agent.ts

@@ -237,7 +237,6 @@ export async function generateAgentResponse(
           } else if (msg.sender_type === 'system') {
             role = 'system'
           } else {
-            // Fallback to role if sender_type is not available
             role = (msg.role || 'user') as 'user' | 'assistant' | 'system'
           }
         }

services/chat/src/index.ts

@@ -28,16 +28,10 @@ const httpServer = createServer(app)
 const io = new Server(httpServer, {
   cors: {
     origin: (origin, callback) => {
-      // Allow requests with no origin (like mobile apps, Postman, or file:// protocol)
       if (!origin) {
         return callback(null, true)
       }
-      const allowedOrigins = process.env.ALLOWED_ORIGINS?.split(',') || [
-        'http://localhost:3000',
-        'http://localhost:8000',
-        'http://localhost:8080',
-        'null', // For file:// protocol
-      ]
+      const allowedOrigins = process.env.ALLOWED_ORIGINS?.split(',') || []
       if (allowedOrigins.includes(origin) || allowedOrigins.includes('*')) {
         callback(null, true)
       } else {
@@ -53,11 +47,7 @@ const PORT = process.env.PORT || 4004
 app.use(helmet())
 app.use(compression())
 app.use(cors({
-  origin: process.env.ALLOWED_ORIGINS?.split(',') || [
-    'http://localhost:3000',
-    'http://localhost:8080',
-    'http://localhost:8000',
-  ],
+  origin: process.env.ALLOWED_ORIGINS?.split(',') || [],
   credentials: true,
 }))
 app.use(express.json({ limit: '10mb' }))

services/chat/src/middleware/auth.ts

@@ -34,13 +34,10 @@ export async function authenticateSocket(
       return next(new Error('Authentication required'))
     }
 
-    // Check if this is a widget token (base64 encoded JSON with conversationId, agentId, companyId, apiKey)
-    // Widget tokens start with base64 JSON, Supabase JWT tokens are different format
     try {
       const decoded = Buffer.from(token, 'base64').toString('utf-8')
       const widgetToken = JSON.parse(decoded)
 
-      // If it has conversationId, agentId, companyId, it's a widget token
       if (widgetToken.conversationId && widgetToken.companyId) {
         socket.userId = `widget:${widgetToken.conversationId}`
         socket.companyId = widgetToken.companyId
@@ -51,16 +48,13 @@ export async function authenticateSocket(
     } catch {
       // Not a widget token, continue with Supabase JWT verification
     }
-
-    // Verify token with Supabase (for authenticated users)
     const { data: { user }, error: authError } = await supabase.auth.getUser(token)
 
     if (authError || !user) {
       logger.warn('Socket connection rejected: Invalid token', { socketId: socket.id, error: authError?.message })
       return next(new Error('Invalid or expired token'))
     }
 
-    // Get user's company_id from public.users table
     const { data: userProfile, error: profileError } = await supabase
       .from('users')
       .select('company_id')
@@ -69,7 +63,6 @@ export async function authenticateSocket(
 
     if (profileError) {
       logger.warn('Failed to fetch user profile', { error: profileError.message })
-      // Continue anyway - company_id might be null for new users
     }
 
     socket.userId = user.id

services/chat/src/routes/conversations.ts

@@ -40,11 +40,10 @@ router.get(
         query.contact_id = contact_id
       }
 
-      // Optimize query with field selection
       const conversations = await Conversation.find(query)
         .select('_id agent_id company_id contact_id user_id channel status started_at ended_at tags metadata created_at updated_at')
         .sort({ started_at: -1 })
-        .limit(Math.min(Number(limit), 50)) // Cap at 50 for performance
+        .limit(Math.min(Number(limit), 50))
         .skip(Number(offset))
         .lean()
 
@@ -106,7 +105,7 @@ router.get(
     try {
       const { id } = req.params
       const companyId = req.user!.company_id!
-      const limit = Math.min(Number(req.query.limit) || 50, 100) // Cap at 100 for performance
+      const limit = Math.min(Number(req.query.limit) || 50, 100)
       const offset = Number(req.query.offset) || 0
       const threadId = req.query.thread_id as string | undefined
 
@@ -146,24 +145,18 @@ router.get(
         query.thread_id = { $exists: false }
       }
 
-      // Query messages with field selection for better performance
-      // For pagination: we want to load from newest to oldest (descending)
-      // Then reverse to show oldest first in UI
-      // offset=0 gets newest messages, offset=20 gets next 20 older messages
       const messages = await Message.find(query)
         .select('_id conversation_id thread_id sender_type role content message_type attachments ai_metadata metadata created_at')
-        .sort({ created_at: -1 }) // Newest first
+        .sort({ created_at: -1 })
         .limit(limit)
         .skip(offset)
         .lean()
 
-      // Reverse to show chronological order (oldest first) in UI
       messages.reverse()
 
       const total = await Message.countDocuments(query)
 
-      // Cache result with longer TTL for better performance
-      await setCache(cacheKey, { messages, total }, 120) // 2 minute cache
+      await setCache(cacheKey, { messages, total }, 120)
 
       res.json({
         messages,

services/chat/src/routes/internal.ts

@@ -12,10 +12,14 @@ import { Message } from '@syntera/shared/models'
 const logger = createLogger('chat-service:internal')
 const router = express.Router()
 
-// Simple token validation for internal service calls
 function validateInternalToken(req: express.Request, res: express.Response, next: express.NextFunction) {
   const token = req.headers.authorization?.replace('Bearer ', '')
-  const expectedToken = process.env.INTERNAL_SERVICE_TOKEN || 'internal-token'
+  const expectedToken = process.env.INTERNAL_SERVICE_TOKEN
+  
+  if (!expectedToken) {
+    logger.error('INTERNAL_SERVICE_TOKEN not configured')
+    return res.status(500).json({ error: 'Service configuration error' })
+  }
 
   if (token !== expectedToken) {
     logger.warn('Invalid internal service token', { provided: token?.substring(0, 10) + '...' })

services/chat/src/routes/middleware/auth.ts

@@ -44,7 +44,6 @@ export async function authenticate(
       return res.status(401).json({ error: 'Invalid or expired token' })
     }
 
-    // Get user's company_id from public.users table
     const { data: userProfile, error: profileError } = await supabase
       .from('users')
       .select('company_id')
@@ -53,10 +52,7 @@ export async function authenticate(
 
     if (profileError) {
       logger.warn('Failed to fetch user profile', { error: profileError.message })
-      // Continue anyway - company_id might be null for new users
     }
-
-    // Attach user info to request
     req.user = {
       id: user.id,
       email: user.email || '',

services/chat/src/utils/cache.ts

@@ -89,8 +89,6 @@ export function getMessagesCacheKey(
 
 /**
  * Invalidate all message caches for a conversation
- * Used when messages are created/updated
- * Note: Uses SCAN instead of KEYS for better performance
  */
 export async function invalidateConversationCache(conversationId: string): Promise<void> {
   if (!redis || redis.status !== 'ready') {
@@ -118,7 +116,6 @@ export async function invalidateConversationCache(conversationId: string): Promi
 
 /**
  * Invalidate cache for specific thread
- * Note: Uses SCAN instead of KEYS for better performance
  */
 export async function invalidateMessagesCache(
   conversationId: string,