Code API inconsistencies

[RobertoPrevato]

There are inconsistencies in the code API. Some features can be enabled with a dedicated method in the Application class (e.g., use_sessions, use_cors), while others are not. Maybe it is best to remove the methods that were added to the Application class, since covering all scenarios cannot scale well.

[tyzhnenko]

It sounds reasonable.
How about making a separate package with all middlewares?
Another bonus that I also see everything related to this new package can be put in one place in the documentation.
But in the other hand such changes can break projects that is using blacksheep. It seems that only one chance to do it in right time is before release version 2.

Btw, if you think the project needs a volunteer or some other help just tell me. Currently I have free time between jobs and would like to spend it with profit.

[RobertoPrevato]

@tyzhnenko, I apologize for replying late. I work on these open source projects in my private time, and never during my work hours, so sometimes it takes me days to reply.
I don't like the idea of separating middlewares into different packages, for a few reasons:

• I like BlackSheep to be "battery included" for things that don't require extra dependencies, like the Gzip middleware you contributed to recently
• I like separating features into dedicated packages whenever I see the opportunity to reuse functionalities outside the context of the web framework. For example I put guardpost into a dedicated library, rodi for dependency injection, etc. I already maintain about 20 projects and I wouldn't split blacksheep into several packages, unless it's for the good reason to not add extra dependencies (example: blacksheep-sqlalchemy has its own package because of this reason).

Btw, if you think the project needs a volunteer or some other help just tell me. Currently I have free time between jobs and would like to spend it with profit.

I welcome contributions if you like these projects and find them useful. But please be aware that I don't earn any money from these projects and I cannot compensate monetarily. I even disabled sponsors on my GitHub account.

Going back to the subject of this ticket, please consider it low priority. Python itself has several code inconsistencies, since years (defaultdict, OrderedDict, logging.getLogger, etc.). I am just considering to put the features that currently are attached to the Application class such as use_cors, use_authentication, use_authorization into separate modules inside the same library, to make them consistent with other things that were not attached to the Application (like use_oidc). Because it doesn't scale very well putting everything together in the Application class. 😄

[nkhitrov]

+1, I like the idea of separate packages to handle cors, auth, etc.

For more flexibility, we can try to implement event system like in sqlalchemy, or look at plug lib from elixir. I think plug is really powerful feature because it's like middleware per route(s) and similar to fastapi depends (but not so ugly)

What you think about it @RobertoPrevato ?