chore(release): publish new version

- @standardnotes/api-gateway@1.58.0 - @standardnotes/auth-server@1.111.0 - @standardnotes/home-server@1.5.0 - @standardnotes/revisions-server@1.16.0
feat: add revisions service to home server (#613 )
2026-05-24 12:08:23 -04:00 · 2023-05-25 11:11:19 +00:00 · 2023-05-25 12:57:05 +02:00 · 2023-05-25 07:56:05 +00:00 · 2023-05-25 09:43:00 +02:00 · 2023-05-24 13:56:09 +02:00
105 changed files with 1867 additions and 1660 deletions
@@ -50,7 +50,7 @@ jobs:
      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html

  e2e-home-server:
-    name: (WIP - Home Server) E2E Test Suite
+    name: (Home Server) E2E Test Suite
    runs-on: ubuntu-latest

    services:
@@ -83,6 +83,9 @@ jobs:
        sed -i "s/AUTH_JWT_SECRET=/AUTH_JWT_SECRET=$(openssl rand -hex 32)/g" packages/home-server/.env
        sed -i "s/ENCRYPTION_SERVER_KEY=/ENCRYPTION_SERVER_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
        sed -i "s/PSEUDO_KEY_PARAMS_KEY=/PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32)/g" packages/home-server/.env
+        echo "ACCESS_TOKEN_AGE=4" >> packages/home-server/.env
+        echo "REFRESH_TOKEN_AGE=7" >> packages/home-server/.env
+        echo "REVISIONS_FREQUENCY=5" >> packages/home-server/.env

    - name: Run Server
      run: nohup yarn workspace @standardnotes/home-server start &
@@ -93,5 +96,4 @@ jobs:
      run: docker/is-available.sh http://localhost:3123 $(pwd)/logs

    - name: Run E2E Test Suite
-      continue-on-error: true
-      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html
+      run: yarn dlx mocha-headless-chrome --timeout 1200000 -f http://localhost:9001/mocha/test.html?skip_paid_features=true
@@ -4626,6 +4626,8 @@ const RAW_RUNTIME_STATE =
          ["@standardnotes/auth-server", "workspace:packages/auth"],\
          ["@standardnotes/domain-core", "workspace:packages/domain-core"],\
          ["@standardnotes/domain-events-infra", "workspace:packages/domain-events-infra"],\
+          ["@standardnotes/revisions-server", "workspace:packages/revisions"],\
+          ["@standardnotes/syncing-server", "workspace:packages/syncing-server"],\
          ["@types/cors", "npm:2.8.13"],\
          ["@types/express", "npm:4.17.17"],\
          ["@types/prettyjson", "npm:0.0.30"],\
@@ -3,6 +3,35 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [1.58.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.57.0...@standardnotes/api-gateway@1.58.0) (2023-05-25)
+
+### Features
+
+* add revisions service to home server ([#613](https://github.com/standardnotes/api-gateway/issues/613)) ([c70040f](https://github.com/standardnotes/api-gateway/commit/c70040fe5dfd35663b9811fbbaa9370bd0298482))
+
+# [1.57.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.2...@standardnotes/api-gateway@1.57.0) (2023-05-25)
+
+### Features
+
+* refactor auth middleware to handle required and optional cross service token scenarios ([#612](https://github.com/standardnotes/api-gateway/issues/612)) ([1e4c7d0](https://github.com/standardnotes/api-gateway/commit/1e4c7d0f317d5c2d98065da12ffeb950b10ee5dc))
+
+## [1.56.2](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.1...@standardnotes/api-gateway@1.56.2) (2023-05-18)
+
+### Bug Fixes
+
+* **api-gateway:** decorating responses for direct call proxy ([4ab32c6](https://github.com/standardnotes/api-gateway/commit/4ab32c670eedcfc64611a191bc25566d43372b23))
+* **api-gateway:** pkce endpoints resolution for direct code calls ([c7e605f](https://github.com/standardnotes/api-gateway/commit/c7e605fd6046e8476c493658c6feaed365e82e5d))
+
+## [1.56.1](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.56.0...@standardnotes/api-gateway@1.56.1) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/api-gateway
+
+# [1.56.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.55.0...@standardnotes/api-gateway@1.56.0) (2023-05-17)
+
+### Features
+
+* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/api-gateway/issues/611)) ([b3b617e](https://github.com/standardnotes/api-gateway/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
+
 # [1.55.0](https://github.com/standardnotes/api-gateway/compare/@standardnotes/api-gateway@1.54.0...@standardnotes/api-gateway@1.55.0) (2023-05-17)

 ### Features
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/api-gateway",
-  "version": "1.55.0",
+  "version": "1.58.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -8,7 +8,6 @@ import { Timer, TimerInterface } from '@standardnotes/time'

 import { Env } from './Env'
 import { TYPES } from './Types'
-import { AuthMiddleware } from '../Controller/AuthMiddleware'
 import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
 import { HttpServiceProxy } from '../Service/Http/HttpServiceProxy'
 import { SubscriptionTokenAuthMiddleware } from '../Controller/SubscriptionTokenAuthMiddleware'
@@ -20,6 +19,8 @@ import { DirectCallServiceProxy } from '../Service/Proxy/DirectCallServiceProxy'
 import { ServiceContainerInterface } from '@standardnotes/domain-core'
 import { EndpointResolverInterface } from '../Service/Resolver/EndpointResolverInterface'
 import { EndpointResolver } from '../Service/Resolver/EndpointResolver'
+import { RequiredCrossServiceTokenMiddleware } from '../Controller/RequiredCrossServiceTokenMiddleware'
+import { OptionalCrossServiceTokenMiddleware } from '../Controller/OptionalCrossServiceTokenMiddleware'

 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const newrelicFormatter = require('@newrelic/winston-enricher')
@@ -43,6 +44,7 @@ export class ContainerConfigLoader {
      level: env.get('LOG_LEVEL') || 'info',
      format: winston.format.combine(...winstonFormatters),
      transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
+      defaultMeta: { service: 'api-gateway' },
    })
    container.bind<winston.Logger>(TYPES.Logger).toConstantValue(logger)

@@ -76,7 +78,12 @@ export class ContainerConfigLoader {
    container.bind(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL).toConstantValue(+env.get('CROSS_SERVICE_TOKEN_CACHE_TTL', true))

    // Middleware
-    container.bind<AuthMiddleware>(TYPES.AuthMiddleware).to(AuthMiddleware)
+    container
+      .bind<RequiredCrossServiceTokenMiddleware>(TYPES.RequiredCrossServiceTokenMiddleware)
+      .to(RequiredCrossServiceTokenMiddleware)
+    container
+      .bind<OptionalCrossServiceTokenMiddleware>(TYPES.OptionalCrossServiceTokenMiddleware)
+      .to(OptionalCrossServiceTokenMiddleware)
    container.bind<WebSocketAuthMiddleware>(TYPES.WebSocketAuthMiddleware).to(WebSocketAuthMiddleware)
    container
      .bind<SubscriptionTokenAuthMiddleware>(TYPES.SubscriptionTokenAuthMiddleware)
@@ -89,7 +96,7 @@ export class ContainerConfigLoader {
      }
      container
        .bind<ServiceProxyInterface>(TYPES.ServiceProxy)
-        .toConstantValue(new DirectCallServiceProxy(serviceContainer))
+        .toConstantValue(new DirectCallServiceProxy(serviceContainer, container.get(TYPES.FILES_SERVER_URL)))
    } else {
      container.bind<ServiceProxyInterface>(TYPES.ServiceProxy).to(HttpServiceProxy)
    }
@@ -1,28 +1,14 @@
-import {
-  ControllerContainerInterface,
-  ServiceContainerInterface,
-  ServiceIdentifier,
-  ServiceInterface,
-} from '@standardnotes/domain-core'
+import { ServiceContainerInterface, ServiceIdentifier, ServiceInterface } from '@standardnotes/domain-core'

 import { ContainerConfigLoader } from './Container'

 export class Service implements ServiceInterface {
-  constructor(
-    private serviceContainer: ServiceContainerInterface,
-    private controllerContainer: ControllerContainerInterface,
-  ) {
-    this.serviceContainer.register(ServiceIdentifier.create(ServiceIdentifier.NAMES.ApiGateway).getValue(), this)
+  constructor(private serviceContainer: ServiceContainerInterface) {
+    this.serviceContainer.register(this.getId(), this)
  }

-  async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
-    const method = this.controllerContainer.get(endpointOrMethodIdentifier)
-
-    if (!method) {
-      throw new Error(`Method ${endpointOrMethodIdentifier} not found`)
-    }
-
-    return method(request, response)
+  async handleRequest(_request: never, _response: never, _endpointOrMethodIdentifier: string): Promise<unknown> {
+    throw new Error('Requests are handled via inversify-express at ApiGateway level')
  }

  async getContainer(): Promise<unknown> {
@@ -15,7 +15,8 @@ export const TYPES = {
  VERSION: Symbol.for('VERSION'),
  CROSS_SERVICE_TOKEN_CACHE_TTL: Symbol.for('CROSS_SERVICE_TOKEN_CACHE_TTL'),
  // Middleware
-  AuthMiddleware: Symbol.for('AuthMiddleware'),
+  RequiredCrossServiceTokenMiddleware: Symbol.for('RequiredCrossServiceTokenMiddleware'),
+  OptionalCrossServiceTokenMiddleware: Symbol.for('OptionalCrossServiceTokenMiddleware'),
  WebSocketAuthMiddleware: Symbol.for('WebSocketAuthMiddleware'),
  SubscriptionTokenAuthMiddleware: Symbol.for('SubscriptionTokenAuthMiddleware'),
  // Services
@@ -2,43 +2,33 @@ import { CrossServiceTokenData } from '@standardnotes/security'
 import { RoleName } from '@standardnotes/domain-core'
 import { TimerInterface } from '@standardnotes/time'
 import { NextFunction, Request, Response } from 'express'
-import { inject, injectable } from 'inversify'
 import { BaseMiddleware } from 'inversify-express-utils'
 import { verify } from 'jsonwebtoken'
 import { AxiosError } from 'axios'
 import { Logger } from 'winston'

-import { TYPES } from '../Bootstrap/Types'
 import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
 import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'

-@injectable()
-export class AuthMiddleware extends BaseMiddleware {
+export abstract class AuthMiddleware extends BaseMiddleware {
  constructor(
-    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
-    @inject(TYPES.AUTH_JWT_SECRET) private jwtSecret: string,
-    @inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) private crossServiceTokenCacheTTL: number,
-    @inject(TYPES.CrossServiceTokenCache) private crossServiceTokenCache: CrossServiceTokenCacheInterface,
-    @inject(TYPES.Timer) private timer: TimerInterface,
-    @inject(TYPES.Logger) private logger: Logger,
+    private serviceProxy: ServiceProxyInterface,
+    private jwtSecret: string,
+    private crossServiceTokenCacheTTL: number,
+    private crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    private timer: TimerInterface,
+    private logger: Logger,
  ) {
    super()
  }

  async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
-    const authHeaderValue = request.headers.authorization as string
-
-    if (!authHeaderValue) {
-      response.status(401).send({
-        error: {
-          tag: 'invalid-auth',
-          message: 'Invalid login credentials.',
-        },
-      })
-
+    if (!this.handleMissingAuthHeader(request.headers.authorization, response, next)) {
      return
    }

+    const authHeaderValue = request.headers.authorization as string
+
    try {
      let crossServiceTokenFetchedFromCache = true
      let crossServiceToken = null
@@ -49,10 +39,7 @@ export class AuthMiddleware extends BaseMiddleware {
      if (crossServiceToken === null) {
        const authResponse = await this.serviceProxy.validateSession(authHeaderValue)

-        if (authResponse.status > 200) {
-          response.setHeader('content-type', authResponse.headers.contentType)
-          response.status(authResponse.status).send(authResponse.data)
-
+        if (!this.handleSessionValidationResponse(authResponse, response, next)) {
          return
        }

@@ -77,7 +64,8 @@ export class AuthMiddleware extends BaseMiddleware {
        })
      }

-      response.locals.userUuid = decodedToken.user.uuid
+      response.locals.user = decodedToken.user
+      response.locals.session = decodedToken.session
      response.locals.roles = decodedToken.roles
    } catch (error) {
      const errorMessage = (error as AxiosError).isAxiosError
@@ -105,6 +93,24 @@ export class AuthMiddleware extends BaseMiddleware {
    return next()
  }

+  protected abstract handleSessionValidationResponse(
+    authResponse: {
+      status: number
+      data: unknown
+      headers: {
+        contentType: string
+      }
+    },
+    response: Response,
+    next: NextFunction,
+  ): boolean
+
+  protected abstract handleMissingAuthHeader(
+    authHeaderValue: string | undefined,
+    response: Response,
+    next: NextFunction,
+  ): boolean
+
  private getCrossServiceTokenCacheExpireTimestamp(token: CrossServiceTokenData): number {
    const crossServiceTokenDefaultCacheExpiration = this.timer.getTimestampInSeconds() + this.crossServiceTokenCacheTTL

@@ -29,17 +29,17 @@ export class LegacyController extends BaseHttpController {
    ])
  }

-  @httpPost('/items/sync', TYPES.AuthMiddleware)
+  @httpPost('/items/sync', TYPES.RequiredCrossServiceTokenMiddleware)
  async legacyItemsSync(request: Request, response: Response): Promise<void> {
    await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
  }

-  @httpGet('/items/:item_id/revisions', TYPES.AuthMiddleware)
+  @httpGet('/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
  async legacyGetRevisions(request: Request, response: Response): Promise<void> {
    await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
  }

-  @httpGet('/items/:item_id/revisions/:id', TYPES.AuthMiddleware)
+  @httpGet('/items/:item_id/revisions/:id', TYPES.RequiredCrossServiceTokenMiddleware)
  async legacyGetRevision(request: Request, response: Response): Promise<void> {
    await this.httpService.callLegacySyncingServer(request, response, request.path.substring(1), request.body)
  }
@@ -0,0 +1,51 @@
+import { TimerInterface } from '@standardnotes/time'
+import { NextFunction, Response } from 'express'
+import { inject, injectable } from 'inversify'
+import { Logger } from 'winston'
+
+import { TYPES } from '../Bootstrap/Types'
+import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
+import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
+import { AuthMiddleware } from './AuthMiddleware'
+
+@injectable()
+export class OptionalCrossServiceTokenMiddleware extends AuthMiddleware {
+  constructor(
+    @inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
+    @inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
+    @inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    @inject(TYPES.Timer) timer: TimerInterface,
+    @inject(TYPES.Logger) logger: Logger,
+  ) {
+    super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
+  }
+
+  protected override handleSessionValidationResponse(
+    authResponse: { status: number; data: unknown; headers: { contentType: string } },
+    _response: Response,
+    next: NextFunction,
+  ): boolean {
+    if (authResponse.status > 200) {
+      next()
+
+      return false
+    }
+
+    return true
+  }
+
+  protected override handleMissingAuthHeader(
+    authHeaderValue: string | undefined,
+    _response: Response,
+    next: NextFunction,
+  ): boolean {
+    if (!authHeaderValue) {
+      next()
+
+      return false
+    }
+
+    return true
+  }
+}
@@ -0,0 +1,57 @@
+import { TimerInterface } from '@standardnotes/time'
+import { NextFunction, Response } from 'express'
+import { inject, injectable } from 'inversify'
+import { Logger } from 'winston'
+
+import { TYPES } from '../Bootstrap/Types'
+import { CrossServiceTokenCacheInterface } from '../Service/Cache/CrossServiceTokenCacheInterface'
+import { ServiceProxyInterface } from '../Service/Http/ServiceProxyInterface'
+import { AuthMiddleware } from './AuthMiddleware'
+
+@injectable()
+export class RequiredCrossServiceTokenMiddleware extends AuthMiddleware {
+  constructor(
+    @inject(TYPES.ServiceProxy) serviceProxy: ServiceProxyInterface,
+    @inject(TYPES.AUTH_JWT_SECRET) jwtSecret: string,
+    @inject(TYPES.CROSS_SERVICE_TOKEN_CACHE_TTL) crossServiceTokenCacheTTL: number,
+    @inject(TYPES.CrossServiceTokenCache) crossServiceTokenCache: CrossServiceTokenCacheInterface,
+    @inject(TYPES.Timer) timer: TimerInterface,
+    @inject(TYPES.Logger) logger: Logger,
+  ) {
+    super(serviceProxy, jwtSecret, crossServiceTokenCacheTTL, crossServiceTokenCache, timer, logger)
+  }
+
+  protected override handleSessionValidationResponse(
+    authResponse: { status: number; data: unknown; headers: { contentType: string } },
+    response: Response,
+    _next: NextFunction,
+  ): boolean {
+    if (authResponse.status > 200) {
+      response.setHeader('content-type', authResponse.headers.contentType)
+      response.status(authResponse.status).send(authResponse.data)
+
+      return false
+    }
+
+    return true
+  }
+
+  protected override handleMissingAuthHeader(
+    authHeaderValue: string | undefined,
+    response: Response,
+    _next: NextFunction,
+  ): boolean {
+    if (!authHeaderValue) {
+      response.status(401).send({
+        error: {
+          tag: 'invalid-auth',
+          message: 'Invalid login credentials.',
+        },
+      })
+
+      return false
+    }
+
+    return true
+  }
+}
@@ -118,7 +118,7 @@ export class SubscriptionTokenAuthMiddleware extends BaseMiddleware {
      verify(authResponse.data.authToken, this.jwtSecret, { algorithms: ['HS256'] })
    )

-    response.locals.userUuid = decodedToken.user.uuid
+    response.locals.user = decodedToken.user
    response.locals.roles = decodedToken.roles
  }
 }
@@ -63,7 +63,7 @@ export class WebSocketAuthMiddleware extends BaseMiddleware {
      response.locals.freeUser =
        decodedToken.roles.length === 1 &&
        decodedToken.roles.find((role) => role.name === RoleName.NAMES.CoreUser) !== undefined
-      response.locals.userUuid = decodedToken.user.uuid
+      response.locals.user = decodedToken.user
      response.locals.roles = decodedToken.roles
    } catch (error) {
      const errorMessage = (error as AxiosError).isAxiosError
@@ -24,7 +24,7 @@ export class ActionsController extends BaseHttpController {
    )
  }

-  @httpGet('/login-params')
+  @httpGet('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
  async loginParams(request: Request, response: Response): Promise<void> {
    await this.serviceProxy.callAuthServer(
      request,
@@ -34,7 +34,7 @@ export class ActionsController extends BaseHttpController {
    )
  }

-  @httpPost('/logout')
+  @httpPost('/logout', TYPES.OptionalCrossServiceTokenMiddleware)
  async logout(request: Request, response: Response): Promise<void> {
    await this.serviceProxy.callAuthServer(
      request,
@@ -54,7 +54,7 @@ export class ActionsController extends BaseHttpController {
    )
  }

-  @httpPost('/recovery/codes', TYPES.AuthMiddleware)
+  @httpPost('/recovery/codes', TYPES.RequiredCrossServiceTokenMiddleware)
  async recoveryCodes(request: Request, response: Response): Promise<void> {
    await this.serviceProxy.callAuthServer(
      request,
@@ -15,7 +15,7 @@ export class AuthenticatorsController extends BaseHttpController {
    super()
  }

-  @httpDelete('/:authenticatorId', TYPES.AuthMiddleware)
+  @httpDelete('/:authenticatorId', TYPES.RequiredCrossServiceTokenMiddleware)
  async delete(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -29,7 +29,7 @@ export class AuthenticatorsController extends BaseHttpController {
    )
  }

-  @httpGet('/', TYPES.AuthMiddleware)
+  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async list(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -39,7 +39,7 @@ export class AuthenticatorsController extends BaseHttpController {
    )
  }

-  @httpGet('/generate-registration-options', TYPES.AuthMiddleware)
+  @httpGet('/generate-registration-options', TYPES.RequiredCrossServiceTokenMiddleware)
  async generateRegistrationOptions(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -59,7 +59,7 @@ export class AuthenticatorsController extends BaseHttpController {
    )
  }

-  @httpPost('/verify-registration', TYPES.AuthMiddleware)
+  @httpPost('/verify-registration', TYPES.RequiredCrossServiceTokenMiddleware)
  async verifyRegistration(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -15,7 +15,7 @@ export class FilesController extends BaseHttpController {
    super()
  }

-  @httpPost('/valet-tokens', TYPES.AuthMiddleware)
+  @httpPost('/valet-tokens', TYPES.RequiredCrossServiceTokenMiddleware)
  async createToken(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -5,10 +5,10 @@ import { TYPES } from '../../Bootstrap/Types'
 import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'

-@controller('/v1/items', TYPES.AuthMiddleware)
+@controller('/v1/items', TYPES.RequiredCrossServiceTokenMiddleware)
 export class ItemsController extends BaseHttpController {
  constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
  ) {
    super()
@@ -16,7 +16,7 @@ export class ItemsController extends BaseHttpController {

  @httpPost('/')
  async sync(request: Request, response: Response): Promise<void> {
-    await this.httpService.callSyncingServer(
+    await this.serviceProxy.callSyncingServer(
      request,
      response,
      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'items/sync'),
@@ -26,7 +26,7 @@ export class ItemsController extends BaseHttpController {

  @httpPost('/check-integrity')
  async checkIntegrity(request: Request, response: Response): Promise<void> {
-    await this.httpService.callSyncingServer(
+    await this.serviceProxy.callSyncingServer(
      request,
      response,
      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'items/check-integrity'),
@@ -36,7 +36,7 @@ export class ItemsController extends BaseHttpController {

  @httpGet('/:uuid')
  async getItem(request: Request, response: Response): Promise<void> {
-    await this.httpService.callSyncingServer(
+    await this.serviceProxy.callSyncingServer(
      request,
      response,
      this.endpointResolver.resolveEndpointOrMethodIdentifier('GET', 'items/:uuid', request.params.uuid),
@@ -1,7 +1,7 @@
 import { BaseHttpController, controller, httpDelete, httpGet, results } from 'inversify-express-utils'
 import { TYPES } from '../../Bootstrap/Types'

-@controller('/v1/items/:item_id/revisions', TYPES.AuthMiddleware)
+@controller('/v1/items/:item_id/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
 export class RevisionsController extends BaseHttpController {
  @httpGet('/')
  async getRevisions(): Promise<results.JsonResult> {
@@ -14,7 +14,7 @@ export class SessionsController extends BaseHttpController {
    super()
  }

-  @httpGet('/', TYPES.AuthMiddleware)
+  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async getSessions(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -23,7 +23,7 @@ export class SessionsController extends BaseHttpController {
    )
  }

-  @httpDelete('/:uuid', TYPES.AuthMiddleware)
+  @httpDelete('/:uuid', TYPES.RequiredCrossServiceTokenMiddleware)
  async deleteSession(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -35,7 +35,7 @@ export class SessionsController extends BaseHttpController {
    )
  }

-  @httpDelete('/', TYPES.AuthMiddleware)
+  @httpDelete('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async deleteSessions(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -15,7 +15,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
    super()
  }

-  @httpPost('/', TYPES.AuthMiddleware)
+  @httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async inviteToSubscriptionSharing(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -25,7 +25,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
    )
  }

-  @httpGet('/', TYPES.AuthMiddleware)
+  @httpGet('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async listInvites(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -35,7 +35,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
    )
  }

-  @httpDelete('/:inviteUuid', TYPES.AuthMiddleware)
+  @httpDelete('/:inviteUuid', TYPES.RequiredCrossServiceTokenMiddleware)
  async cancelSubscriptionSharing(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -48,7 +48,7 @@ export class SubscriptionInvitesController extends BaseHttpController {
    )
  }

-  @httpPost('/:inviteUuid/accept', TYPES.AuthMiddleware)
+  @httpPost('/:inviteUuid/accept', TYPES.RequiredCrossServiceTokenMiddleware)
  async acceptInvite(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -15,7 +15,7 @@ export class TokensController extends BaseHttpController {
    super()
  }

-  @httpPost('/', TYPES.AuthMiddleware)
+  @httpPost('/', TYPES.RequiredCrossServiceTokenMiddleware)
  async createToken(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -37,7 +37,7 @@ export class UsersController extends BaseHttpController {
    await this.httpService.callPaymentsServer(request, response, 'api/pro_users/send-activation-code', request.body)
  }

-  @httpPatch('/:userId', TYPES.AuthMiddleware)
+  @httpPatch('/:userId', TYPES.RequiredCrossServiceTokenMiddleware)
  async updateUser(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -47,7 +47,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpPut('/:userUuid/password', TYPES.AuthMiddleware)
+  @httpPut('/:userUuid/password', TYPES.RequiredCrossServiceTokenMiddleware)
  async changePassword(request: Request, response: Response): Promise<void> {
    this.logger.debug(
      '[DEPRECATED] use endpoint /v1/users/:userUuid/attributes/credentials instead of /v1/users/:userUuid/password',
@@ -65,7 +65,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpPut('/:userUuid/attributes/credentials', TYPES.AuthMiddleware)
+  @httpPut('/:userUuid/attributes/credentials', TYPES.RequiredCrossServiceTokenMiddleware)
  async changeCredentials(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -79,7 +79,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userId/params', TYPES.AuthMiddleware)
+  @httpGet('/:userId/params', TYPES.RequiredCrossServiceTokenMiddleware)
  async getKeyParams(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -88,12 +88,12 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @all('/:userId/mfa', TYPES.AuthMiddleware)
+  @all('/:userId/mfa', TYPES.RequiredCrossServiceTokenMiddleware)
  async blockMFA(): Promise<results.StatusCodeResult> {
    return this.statusCode(401)
  }

-  @httpPost('/:userUuid/integrations/listed', TYPES.AuthMiddleware)
+  @httpPost('/:userUuid/integrations/listed', TYPES.RequiredCrossServiceTokenMiddleware)
  async createListedAccount(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -113,7 +113,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userUuid/settings', TYPES.AuthMiddleware)
+  @httpGet('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
  async listSettings(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -126,7 +126,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpPut('/:userUuid/settings', TYPES.AuthMiddleware)
+  @httpPut('/:userUuid/settings', TYPES.RequiredCrossServiceTokenMiddleware)
  async putSetting(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -140,7 +140,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userUuid/settings/:settingName', TYPES.AuthMiddleware)
+  @httpGet('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
  async getSetting(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -154,7 +154,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpDelete('/:userUuid/settings/:settingName', TYPES.AuthMiddleware)
+  @httpDelete('/:userUuid/settings/:settingName', TYPES.RequiredCrossServiceTokenMiddleware)
  async deleteSetting(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -169,7 +169,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userUuid/subscription-settings/:subscriptionSettingName', TYPES.AuthMiddleware)
+  @httpGet('/:userUuid/subscription-settings/:subscriptionSettingName', TYPES.RequiredCrossServiceTokenMiddleware)
  async getSubscriptionSetting(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -183,7 +183,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userUuid/features', TYPES.AuthMiddleware)
+  @httpGet('/:userUuid/features', TYPES.RequiredCrossServiceTokenMiddleware)
  async getFeatures(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -196,7 +196,7 @@ export class UsersController extends BaseHttpController {
    )
  }

-  @httpGet('/:userUuid/subscription', TYPES.AuthMiddleware)
+  @httpGet('/:userUuid/subscription', TYPES.RequiredCrossServiceTokenMiddleware)
  async getSubscription(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -227,17 +227,17 @@ export class UsersController extends BaseHttpController {
      this.endpointResolver.resolveEndpointOrMethodIdentifier(
        'GET',
        'users/:userUuid/subscription',
-        response.locals.userUuid,
+        response.locals.user.uuid,
      ),
    )
  }

-  @httpDelete('/:userUuid', TYPES.AuthMiddleware)
+  @httpDelete('/:userUuid', TYPES.RequiredCrossServiceTokenMiddleware)
  async deleteUser(request: Request, response: Response): Promise<void> {
    await this.httpService.callPaymentsServer(request, response, 'api/account', request.body)
  }

-  @httpPost('/:userUuid/requests', TYPES.AuthMiddleware)
+  @httpPost('/:userUuid/requests', TYPES.RequiredCrossServiceTokenMiddleware)
  async submitRequest(request: Request, response: Response): Promise<void> {
    await this.httpService.callAuthServer(
      request,
@@ -17,7 +17,7 @@ export class WebSocketsController extends BaseHttpController {
    super()
  }

-  @httpPost('/tokens', TYPES.AuthMiddleware)
+  @httpPost('/tokens', TYPES.RequiredCrossServiceTokenMiddleware)
  async createWebSocketConnectionToken(request: Request, response: Response): Promise<void> {
    await this.httpService.callWebSocketServer(
      request,
@@ -9,7 +9,7 @@ import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolv
@controller('/v2')
 export class ActionsControllerV2 extends BaseHttpController {
  constructor(
-    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
+    @inject(TYPES.ServiceProxy) private serviceProxy: ServiceProxyInterface,
    @inject(TYPES.EndpointResolver) private endpointResolver: EndpointResolverInterface,
  ) {
    super()
@@ -17,7 +17,7 @@ export class ActionsControllerV2 extends BaseHttpController {

  @httpPost('/login')
  async login(request: Request, response: Response): Promise<void> {
-    await this.httpService.callAuthServer(
+    await this.serviceProxy.callAuthServer(
      request,
      response,
      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'auth/pkce_sign_in'),
@@ -25,9 +25,9 @@ export class ActionsControllerV2 extends BaseHttpController {
    )
  }

-  @httpPost('/login-params')
+  @httpPost('/login-params', TYPES.OptionalCrossServiceTokenMiddleware)
  async loginParams(request: Request, response: Response): Promise<void> {
-    await this.httpService.callAuthServer(
+    await this.serviceProxy.callAuthServer(
      request,
      response,
      this.endpointResolver.resolveEndpointOrMethodIdentifier('POST', 'auth/pkce_params'),
@@ -6,7 +6,7 @@ import { TYPES } from '../../Bootstrap/Types'
 import { ServiceProxyInterface } from '../../Service/Http/ServiceProxyInterface'
 import { EndpointResolverInterface } from '../../Service/Resolver/EndpointResolverInterface'

-@controller('/v2/items/:itemUuid/revisions', TYPES.AuthMiddleware)
+@controller('/v2/items/:itemUuid/revisions', TYPES.RequiredCrossServiceTokenMiddleware)
 export class RevisionsControllerV2 extends BaseHttpController {
  constructor(
    @inject(TYPES.ServiceProxy) private httpService: ServiceProxyInterface,
@@ -28,7 +28,7 @@ export class RevisionsControllerV2 extends BaseHttpController {
    )
  }

-  @httpGet('/:id')
+  @httpGet('/:uuid')
  async getRevision(request: Request, response: Response): Promise<void> {
    await this.httpService.callRevisionsServer(
      request,
@@ -37,12 +37,12 @@ export class RevisionsControllerV2 extends BaseHttpController {
        'GET',
        'items/:itemUuid/revisions/:id',
        request.params.itemUuid,
-        request.params.id,
+        request.params.uuid,
      ),
    )
  }

-  @httpDelete('/:id')
+  @httpDelete('/:uuid')
  async deleteRevision(request: Request, response: Response): Promise<void> {
    await this.httpService.callRevisionsServer(
      request,
@@ -51,7 +51,7 @@ export class RevisionsControllerV2 extends BaseHttpController {
        'DELETE',
        'items/:itemUuid/revisions/:id',
        request.params.itemUuid,
-        request.params.id,
+        request.params.uuid,
      ),
    )
  }
@@ -262,7 +262,7 @@ export class HttpServiceProxy implements ServiceProxyInterface {
    response.status(serviceResponse.status).send({
      meta: {
        auth: {
-          userUuid: response.locals.userUuid,
+          userUuid: response.locals.user?.uuid,
          roles: response.locals.roles,
        },
        server: {
@@ -4,7 +4,7 @@ import { ServiceProxyInterface } from '../Http/ServiceProxyInterface'
 import { ServiceContainerInterface, ServiceIdentifier } from '@standardnotes/domain-core'

 export class DirectCallServiceProxy implements ServiceProxyInterface {
-  constructor(private serviceContainer: ServiceContainerInterface) {}
+  constructor(private serviceContainer: ServiceContainerInterface, private filesServerUrl: string) {}

  async validateSession(
    authorizationHeaderValue: string,
@@ -49,7 +49,7 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
      json: Record<string, unknown>
    }

-    void (response as Response).status(serviceResponse.statusCode).send(serviceResponse.json)
+    this.sendDecoratedResponse(response, serviceResponse)
  }

  async callAuthServerWithLegacyFormat(
@@ -66,7 +66,12 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
      throw new Error('Revisions service not found')
    }

-    await service.handleRequest(request, response, endpointOrMethodIdentifier)
+    const serviceResponse = (await service.handleRequest(request, response, endpointOrMethodIdentifier)) as {
+      statusCode: number
+      json: Record<string, unknown>
+    }
+
+    this.sendDecoratedResponse(response, serviceResponse)
  }

  async callSyncingServer(request: never, response: never, endpointOrMethodIdentifier: string): Promise<void> {
@@ -77,7 +82,12 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
      throw new Error('Syncing service not found')
    }

-    await service.handleRequest(request, response, endpointOrMethodIdentifier)
+    const serviceResponse = (await service.handleRequest(request, response, endpointOrMethodIdentifier)) as {
+      statusCode: number
+      json: Record<string, unknown>
+    }
+
+    this.sendDecoratedResponse(response, serviceResponse)
  }

  async callLegacySyncingServer(
@@ -99,4 +109,22 @@ export class DirectCallServiceProxy implements ServiceProxyInterface {
  ): Promise<void> {
    throw new Error('Websockets server is not available.')
  }
+
+  private sendDecoratedResponse(
+    response: Response,
+    serviceResponse: { statusCode: number; json: Record<string, unknown> },
+  ): void {
+    void response.status(serviceResponse.statusCode).send({
+      meta: {
+        auth: {
+          userUuid: response.locals.user?.uuid,
+          roles: response.locals.roles,
+        },
+        server: {
+          filesServerUrl: this.filesServerUrl,
+        },
+      },
+      data: serviceResponse.json,
+    })
+  }
 }
@@ -13,6 +13,9 @@ export class EndpointResolver implements EndpointResolverInterface {
    ['[POST]:auth/recovery/codes', 'auth.generateRecoveryCodes'],
    ['[POST]:auth/recovery/login', 'auth.signInWithRecoveryCodes'],
    ['[POST]:auth/recovery/params', 'auth.recoveryKeyParams'],
+    // v2 Actions Controller
+    ['[POST]:auth/pkce_sign_in', 'auth.pkceSignIn'],
+    ['[POST]:auth/pkce_params', 'auth.pkceParams'],
    // Authenticators Controller
    ['[DELETE]:authenticators/:authenticatorId', 'auth.authenticators.delete'],
    ['[GET]:authenticators/', 'auth.authenticators.list'],
@@ -51,6 +54,14 @@ export class EndpointResolver implements EndpointResolverInterface {
    ['[GET]:users/:userUuid/subscription', 'auth.users.getSubscription'],
    ['[GET]:offline/users/subscription', 'auth.users.getOfflineSubscriptionByToken'],
    ['[POST]:users/:userUuid/requests', 'auth.users.createRequest'],
+    // Syncing Server
+    ['[POST]:items/sync', 'sync.items.sync'],
+    ['[POST]:items/check-integrity', 'sync.items.check_integrity'],
+    ['[GET]:items/:uuid', 'sync.items.get_item'],
+    // Revisions Controller V2
+    ['[GET]:items/:itemUuid/revisions', 'revisions.revisions.getRevisions'],
+    ['[GET]:items/:itemUuid/revisions/:id', 'revisions.revisions.getRevision'],
+    ['[DELETE]:items/:itemUuid/revisions/:id', 'revisions.revisions.deleteRevision'],
  ])

  resolveEndpointOrMethodIdentifier(method: string, endpoint: string, ...params: string[]): string {
@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [1.111.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.110.0...@standardnotes/auth-server@1.111.0) (2023-05-25)
+
+### Features
+
+* add revisions service to home server ([#613](https://github.com/standardnotes/server/issues/613)) ([c70040f](https://github.com/standardnotes/server/commit/c70040fe5dfd35663b9811fbbaa9370bd0298482))
+
+# [1.110.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.2...@standardnotes/auth-server@1.110.0) (2023-05-25)
+
+### Features
+
+* refactor auth middleware to handle required and optional cross service token scenarios ([#612](https://github.com/standardnotes/server/issues/612)) ([1e4c7d0](https://github.com/standardnotes/server/commit/1e4c7d0f317d5c2d98065da12ffeb950b10ee5dc))
+
+## [1.109.2](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.1...@standardnotes/auth-server@1.109.2) (2023-05-18)
+
+### Bug Fixes
+
+* **auth:** changing user credentials to work both on http proxy and direct code call ([cc61229](https://github.com/standardnotes/server/commit/cc612296d0fbfa7e95556fda45eb9706845e4f58))
+
+## [1.109.1](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.109.0...@standardnotes/auth-server@1.109.1) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/auth-server
+
+# [1.109.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.108.0...@standardnotes/auth-server@1.109.0) (2023-05-17)
+
+### Features
+
+* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/server/issues/611)) ([b3b617e](https://github.com/standardnotes/server/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
+
 # [1.108.0](https://github.com/standardnotes/server/compare/@standardnotes/auth-server@1.107.0...@standardnotes/auth-server@1.108.0) (2023-05-17)

 ### Features
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/auth-server",
-  "version": "1.108.0",
+  "version": "1.111.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -241,17 +241,16 @@ import { InversifyExpressSubscriptionTokensController } from '../Infra/Inversify
 import { InversifyExpressSubscriptionSettingsController } from '../Infra/InversifyExpressUtils/InversifyExpressSubscriptionSettingsController'
 import { InversifyExpressSettingsController } from '../Infra/InversifyExpressUtils/InversifyExpressSettingsController'
 import { SessionMiddleware } from '../Infra/InversifyExpressUtils/Middleware/SessionMiddleware'
-import { ApiGatewayAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/ApiGatewayAuthMiddleware'
 import { ApiGatewayOfflineAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/ApiGatewayOfflineAuthMiddleware'
-import { AuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/AuthMiddleware'
 import { OfflineUserAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/OfflineUserAuthMiddleware'
-import { AuthMiddlewareWithoutResponse } from '../Infra/InversifyExpressUtils/Middleware/AuthMiddlewareWithoutResponse'
 import { LockMiddleware } from '../Infra/InversifyExpressUtils/Middleware/LockMiddleware'
 import { InversifyExpressSessionController } from '../Infra/InversifyExpressUtils/InversifyExpressSessionController'
 import { InversifyExpressOfflineController } from '../Infra/InversifyExpressUtils/InversifyExpressOfflineController'
 import { InversifyExpressListedController } from '../Infra/InversifyExpressUtils/InversifyExpressListedController'
 import { InversifyExpressInternalController } from '../Infra/InversifyExpressUtils/InversifyExpressInternalController'
 import { InversifyExpressFeaturesController } from '../Infra/InversifyExpressUtils/InversifyExpressFeaturesController'
+import { RequiredCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/RequiredCrossServiceTokenMiddleware'
+import { OptionalCrossServiceTokenMiddleware } from '../Infra/InversifyExpressUtils/Middleware/OptionalCrossServiceTokenMiddleware'

 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const newrelicFormatter = require('@newrelic/winston-enricher')
@@ -296,6 +295,7 @@ export class ContainerConfigLoader {
      level: env.get('LOG_LEVEL') || 'info',
      format: winston.format.combine(...winstonFormatters),
      transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
+      defaultMeta: { service: 'auth' },
    })
    container.bind<winston.Logger>(TYPES.Auth_Logger).toConstantValue(logger)

@@ -447,13 +447,14 @@ export class ContainerConfigLoader {
      )

    // Middleware
-    container.bind<AuthMiddleware>(TYPES.Auth_AuthMiddleware).to(AuthMiddleware)
    container.bind<SessionMiddleware>(TYPES.Auth_SessionMiddleware).to(SessionMiddleware)
    container.bind<LockMiddleware>(TYPES.Auth_LockMiddleware).to(LockMiddleware)
    container
-      .bind<AuthMiddlewareWithoutResponse>(TYPES.Auth_AuthMiddlewareWithoutResponse)
-      .to(AuthMiddlewareWithoutResponse)
-    container.bind<ApiGatewayAuthMiddleware>(TYPES.Auth_ApiGatewayAuthMiddleware).to(ApiGatewayAuthMiddleware)
+      .bind<RequiredCrossServiceTokenMiddleware>(TYPES.Auth_RequiredCrossServiceTokenMiddleware)
+      .to(RequiredCrossServiceTokenMiddleware)
+    container
+      .bind<OptionalCrossServiceTokenMiddleware>(TYPES.Auth_OptionalCrossServiceTokenMiddleware)
+      .to(OptionalCrossServiceTokenMiddleware)
    container
      .bind<ApiGatewayOfflineAuthMiddleware>(TYPES.Auth_ApiGatewayOfflineAuthMiddleware)
      .to(ApiGatewayOfflineAuthMiddleware)
@@ -517,7 +518,7 @@ export class ContainerConfigLoader {
      .toConstantValue(env.get('USER_SERVER_CHANGE_EMAIL_URL', true))
    container.bind(TYPES.Auth_NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
    container.bind(TYPES.Auth_SYNCING_SERVER_URL).toConstantValue(env.get('SYNCING_SERVER_URL', true))
-    container.bind(TYPES.Auth_VERSION).toConstantValue(env.get('VERSION'))
+    container.bind(TYPES.Auth_VERSION).toConstantValue(env.get('VERSION', true) ?? 'development')
    container.bind(TYPES.Auth_PAYMENTS_SERVER_URL).toConstantValue(env.get('PAYMENTS_SERVER_URL', true))
    container
      .bind(TYPES.Auth_SESSION_TRACE_DAYS_TTL)
@@ -14,7 +14,7 @@ export class Service implements ServiceInterface {
    private controllerContainer: ControllerContainerInterface,
    private directCallDomainEventPublisher: DirectCallDomainEventPublisher,
  ) {
-    this.serviceContainer.register(ServiceIdentifier.create(ServiceIdentifier.NAMES.Auth).getValue(), this)
+    this.serviceContainer.register(this.getId(), this)
  }

  async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
@@ -51,11 +51,10 @@ const TYPES = {
  Auth_ORMAuthenticatorChallengeRepository: Symbol.for('Auth_ORMAuthenticatorChallengeRepository'),
  Auth_ORMCacheEntryRepository: Symbol.for('Auth_ORMCacheEntryRepository'),
  // Middleware
-  Auth_AuthMiddleware: Symbol.for('Auth_AuthMiddleware'),
-  Auth_ApiGatewayAuthMiddleware: Symbol.for('Auth_ApiGatewayAuthMiddleware'),
+  Auth_RequiredCrossServiceTokenMiddleware: Symbol.for('Auth_RequiredCrossServiceTokenMiddleware'),
+  Auth_OptionalCrossServiceTokenMiddleware: Symbol.for('Auth_OptionalCrossServiceTokenMiddleware'),
  Auth_ApiGatewayOfflineAuthMiddleware: Symbol.for('Auth_ApiGatewayOfflineAuthMiddleware'),
  Auth_OfflineUserAuthMiddleware: Symbol.for('Auth_OfflineUserAuthMiddleware'),
-  Auth_AuthMiddlewareWithoutResponse: Symbol.for('Auth_AuthMiddlewareWithoutResponse'),
  Auth_LockMiddleware: Symbol.for('Auth_LockMiddleware'),
  Auth_SessionMiddleware: Symbol.for('Auth_SessionMiddleware'),
  // Projectors
@@ -11,6 +11,7 @@ import { User } from '../../User/User'
 import { UserRepositoryInterface } from '../../User/UserRepositoryInterface'

 import { ChangeCredentials } from './ChangeCredentials'
+import { Username } from '@standardnotes/domain-core'

 describe('ChangeCredentials', () => {
  let userRepository: UserRepositoryInterface
@@ -25,9 +26,6 @@ describe('ChangeCredentials', () => {
    new ChangeCredentials(userRepository, authResponseFactoryResolver, domainEventPublisher, domainEventFactory, timer)

  beforeEach(() => {
-    userRepository = {} as jest.Mocked<UserRepositoryInterface>
-    userRepository.save = jest.fn()
-
    authResponseFactory = {} as jest.Mocked<AuthResponseFactoryInterface>
    authResponseFactory.createResponse = jest.fn().mockReturnValue({ foo: 'bar' })

@@ -39,6 +37,10 @@ describe('ChangeCredentials', () => {
    user.uuid = '1-2-3'
    user.email = 'test@test.te'

+    userRepository = {} as jest.Mocked<UserRepositoryInterface>
+    userRepository.save = jest.fn()
+    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(user)
+
    domainEventPublisher = {} as jest.Mocked<DomainEventPublisherInterface>
    domainEventPublisher.publish = jest.fn()

@@ -52,7 +54,7 @@ describe('ChangeCredentials', () => {
  it('should change password', async () => {
    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'qweqwe123123',
        newPassword: 'test234',
@@ -82,11 +84,11 @@ describe('ChangeCredentials', () => {
  })

  it('should change email', async () => {
-    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)
+    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValueOnce(user).mockReturnValueOnce(null)

    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'qweqwe123123',
        newPassword: 'test234',
@@ -117,11 +119,14 @@ describe('ChangeCredentials', () => {
  })

  it('should not change email if already taken', async () => {
-    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue({} as jest.Mocked<User>)
+    userRepository.findOneByUsernameOrEmail = jest
+      .fn()
+      .mockReturnValueOnce(user)
+      .mockReturnValueOnce({} as jest.Mocked<User>)

    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'qweqwe123123',
        newPassword: 'test234',
@@ -144,7 +149,7 @@ describe('ChangeCredentials', () => {
  it('should not change email if the new email is invalid', async () => {
    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'qweqwe123123',
        newPassword: 'test234',
@@ -164,10 +169,35 @@ describe('ChangeCredentials', () => {
    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
  })

+  it('should not change email if the user is not found', async () => {
+    userRepository.findOneByUsernameOrEmail = jest.fn().mockReturnValue(null)
+
+    expect(
+      await createUseCase().execute({
+        username: Username.create('test@test.te').getValue(),
+        apiVersion: '20190520',
+        currentPassword: 'qweqwe123123',
+        newPassword: 'test234',
+        newEmail: '',
+        pwNonce: 'asdzxc',
+        updatedWithUserAgent: 'Google Chrome',
+        kpCreated: '123',
+        kpOrigination: 'password-change',
+      }),
+    ).toEqual({
+      success: false,
+      errorMessage: 'User not found.',
+    })
+
+    expect(userRepository.save).not.toHaveBeenCalled()
+    expect(domainEventFactory.createUserEmailChangedEvent).not.toHaveBeenCalled()
+    expect(domainEventPublisher.publish).not.toHaveBeenCalled()
+  })
+
  it('should not change password if current password is incorrect', async () => {
    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'test123',
        newPassword: 'test234',
@@ -185,7 +215,7 @@ describe('ChangeCredentials', () => {
  it('should update protocol version while changing password', async () => {
    expect(
      await createUseCase().execute({
-        user,
+        username: Username.create('test@test.te').getValue(),
        apiVersion: '20190520',
        currentPassword: 'qweqwe123123',
        newPassword: 'test234',
@@ -25,14 +25,22 @@ export class ChangeCredentials implements UseCaseInterface {
  ) {}

  async execute(dto: ChangeCredentialsDTO): Promise<ChangeCredentialsResponse> {
-    if (!(await bcrypt.compare(dto.currentPassword, dto.user.encryptedPassword))) {
+    const user = await this.userRepository.findOneByUsernameOrEmail(dto.username)
+    if (!user) {
+      return {
+        success: false,
+        errorMessage: 'User not found.',
+      }
+    }
+
+    if (!(await bcrypt.compare(dto.currentPassword, user.encryptedPassword))) {
      return {
        success: false,
        errorMessage: 'The current password you entered is incorrect. Please try again.',
      }
    }

-    dto.user.encryptedPassword = await bcrypt.hash(dto.newPassword, User.PASSWORD_HASH_COST)
+    user.encryptedPassword = await bcrypt.hash(dto.newPassword, User.PASSWORD_HASH_COST)

    let userEmailChangedEvent: UserEmailChangedEvent | undefined = undefined
    if (dto.newEmail !== undefined) {
@@ -54,27 +62,27 @@ export class ChangeCredentials implements UseCaseInterface {
      }

      userEmailChangedEvent = this.domainEventFactory.createUserEmailChangedEvent(
-        dto.user.uuid,
-        dto.user.email,
+        user.uuid,
+        user.email,
        newUsername.value,
      )

-      dto.user.email = newUsername.value
+      user.email = newUsername.value
    }

-    dto.user.pwNonce = dto.pwNonce
+    user.pwNonce = dto.pwNonce
    if (dto.protocolVersion) {
-      dto.user.version = dto.protocolVersion
+      user.version = dto.protocolVersion
    }
    if (dto.kpCreated) {
-      dto.user.kpCreated = dto.kpCreated
+      user.kpCreated = dto.kpCreated
    }
    if (dto.kpOrigination) {
-      dto.user.kpOrigination = dto.kpOrigination
+      user.kpOrigination = dto.kpOrigination
    }
-    dto.user.updatedAt = this.timer.getUTCDate()
+    user.updatedAt = this.timer.getUTCDate()

-    const updatedUser = await this.userRepository.save(dto.user)
+    const updatedUser = await this.userRepository.save(user)

    if (userEmailChangedEvent !== undefined) {
      await this.domainEventPublisher.publish(userEmailChangedEvent)
@@ -1,7 +1,7 @@
-import { User } from '../../User/User'
+import { Username } from '@standardnotes/domain-core'

 export type ChangeCredentialsDTO = {
-  user: User
+  username: Username
  apiVersion: string
  currentPassword: string
  newPassword: string
@@ -35,9 +35,7 @@ describe('GetUserKeyParams', () => {
  })

  it('should get key params for an authenticated user - searching by email', async () => {
-    expect(
-      await createUseCase().execute({ email: 'test@test.te', authenticated: true, authenticatedUser: user }),
-    ).toEqual({
+    expect(await createUseCase().execute({ email: 'test@test.te', authenticated: true })).toEqual({
      keyParams: {
        foo: 'bar',
      },
@@ -63,7 +61,7 @@ describe('GetUserKeyParams', () => {
  })

  it('should get key params for an authenticated user - searching by uuid', async () => {
-    expect(await createUseCase().execute({ userUuid: '1-2-3', authenticated: true, authenticatedUser: user })).toEqual({
+    expect(await createUseCase().execute({ userUuid: '1-2-3', authenticated: true })).toEqual({
      keyParams: {
        foo: 'bar',
      },
@@ -22,16 +22,6 @@ export class GetUserKeyParams implements UseCaseInterface {
  ) {}

  async execute(dto: GetUserKeyParamsDTO): Promise<GetUserKeyParamsResponse> {
-    if (dto.authenticatedUser) {
-      this.logger.debug(`Creating key params for authenticated user ${dto.authenticatedUser.email}`)
-
-      const keyParams = await this.createKeyParams(dto, dto.authenticatedUser, true)
-
-      return {
-        keyParams,
-      }
-    }
-
    let user: User | null = null
    if (dto.email !== undefined) {
      const usernameOrError = Username.create(dto.email)
@@ -1,8 +1,5 @@
-import { User } from '../../User/User'
-
 export type GetUserKeyParamsDTOV1Unchallenged = {
  authenticated: boolean
  email?: string
  userUuid?: string
-  authenticatedUser?: User
 }
@@ -1,9 +1,6 @@
-import { User } from '../../User/User'
-
 export type GetUserKeyParamsDTOV2Challenged = {
  authenticated: boolean
  codeChallenge: string
  email?: string
  userUuid?: string
-  authenticatedUser?: User
 }
@@ -44,13 +44,12 @@ export class InversifyExpressAuthController extends BaseHttpController {
    this.controllerContainer.register('auth.signOut', this.signOut.bind(this))
  }

-  @httpGet('/params', TYPES.Auth_AuthMiddlewareWithoutResponse)
+  @httpGet('/params', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
  async params(request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.session) {
      const result = await this.getUserKeyParams.execute({
        email: response.locals.user.email,
        authenticated: true,
-        authenticatedUser: response.locals.user,
      })

      return this.json(result.keyParams)
@@ -155,7 +154,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
    return this.json(signInResult.authResponse)
  }

-  @httpPost('/pkce_params', TYPES.Auth_AuthMiddlewareWithoutResponse)
+  @httpPost('/pkce_params', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
  async pkceParams(request: Request, response: Response): Promise<results.JsonResult> {
    if (!request.body.code_challenge) {
      return this.json(
@@ -172,7 +171,6 @@ export class InversifyExpressAuthController extends BaseHttpController {
      const result = await this.getUserKeyParams.execute({
        email: response.locals.user.email,
        authenticated: true,
-        authenticatedUser: response.locals.user,
        codeChallenge: request.body.code_challenge as string,
      })

@@ -261,7 +259,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
    return this.json(signInResult.authResponse)
  }

-  @httpPost('/recovery/codes', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/recovery/codes', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async generateRecoveryCodes(_request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.authController.generateRecoveryCodes({
      userUuid: response.locals.user.uuid,
@@ -296,7 +294,7 @@ export class InversifyExpressAuthController extends BaseHttpController {
    return this.json(result.data, result.status)
  }

-  @httpPost('/sign_out', TYPES.Auth_AuthMiddlewareWithoutResponse)
+  @httpPost('/sign_out', TYPES.Auth_OptionalCrossServiceTokenMiddleware)
  async signOut(request: Request, response: Response): Promise<results.JsonResult | void> {
    const result = await this.authController.signOut({
      readOnlyAccess: response.locals.readOnlyAccess,
@@ -37,7 +37,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
    )
  }

-  @httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async list(_request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.authenticatorsController.list({
      userUuid: response.locals.user.uuid,
@@ -46,7 +46,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
    return this.json(result.data, result.status)
  }

-  @httpDelete('/:authenticatorId', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpDelete('/:authenticatorId', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async delete(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.authenticatorsController.delete({
      userUuid: response.locals.user.uuid,
@@ -56,7 +56,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
    return this.json(result.data, result.status)
  }

-  @httpGet('/generate-registration-options', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/generate-registration-options', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async generateRegistrationOptions(_request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.authenticatorsController.generateRegistrationOptions({
      username: response.locals.user.email,
@@ -66,7 +66,7 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
    return this.json(result.data, result.status)
  }

-  @httpPost('/verify-registration', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/verify-registration', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async verifyRegistration(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.authenticatorsController.verifyRegistrationResponse({
      userUuid: response.locals.user.uuid,
@@ -22,7 +22,7 @@ export class InversifyExpressFeaturesController extends BaseHttpController {
    this.controllerContainer.register('auth.users.getFeatures', this.getFeatures.bind(this))
  }

-  @httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async getFeatures(request: Request, response: Response): Promise<results.JsonResult> {
    if (request.params.userUuid !== response.locals.user.uuid) {
      return this.json(
@@ -18,7 +18,7 @@ export class InversifyExpressListedController extends BaseHttpController {
    this.controllerContainer.register('auth.users.createListedAccount', this.createListedAccount.bind(this))
  }

-  @httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async createListedAccount(_request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
@@ -64,16 +64,12 @@ describe('InversifyExpressSessionController', () => {
      },
    })

-    await createController().refresh(request, response)
+    const httpResult = <results.JsonResult>await createController().refresh(request, response)
+    const result = await httpResult.executeAsync()

-    expect(response.send).toHaveBeenCalledWith({
-      session: {
-        access_token: '1231',
-        refresh_token: '2341',
-        access_expiration: 123123,
-        refresh_expiration: 123123,
-      },
-    })
+    expect(await result.content.readAsStringAsync()).toEqual(
+      '{"session":{"access_token":"1231","refresh_token":"2341","access_expiration":123123,"refresh_expiration":123123}}',
+    )
  })

  it('should return bad request if tokens are missing from refresh token request', async () => {
@@ -113,14 +109,15 @@ describe('InversifyExpressSessionController', () => {
    }
    request.body.uuid = '123'

-    await createController().deleteSession(request, response)
+    const httpResult = <results.JsonResult>await createController().deleteSession(request, response)
+    const result = await httpResult.executeAsync()

    expect(deleteSessionForUser.execute).toBeCalledWith({
      userUuid: '123',
      sessionUuid: '123',
    })

-    expect(response.status).toHaveBeenCalledWith(204)
+    expect(result.statusCode).toEqual(204)
  })

  it('should not delete a specific session is current session has read only access', async () => {
@@ -205,15 +202,16 @@ describe('InversifyExpressSessionController', () => {
        uuid: '234',
      },
    }
-    await createController().deleteAllSessions(request, response)
+
+    const httpResult = <results.JsonResult>await createController().deleteAllSessions(request, response)
+    const result = await httpResult.executeAsync()

    expect(deletePreviousSessionsForUser.execute).toHaveBeenCalledWith({
      userUuid: '123',
      currentSessionUuid: '234',
    })

-    expect(response.status).toHaveBeenCalledWith(204)
-    expect(response.send).toHaveBeenCalled()
+    expect(result.statusCode).toEqual(204)
  })

  it('should not delete all sessions if current sessions has read only access', async () => {
@@ -26,13 +26,13 @@ export class InversifyExpressSessionController extends BaseHttpController {
  ) {
    super()

-    this.controllerContainer.register('auth.session.delete', this.deleteSession.bind(this))
-    this.controllerContainer.register('auth.session.deleteAll', this.deleteAllSessions.bind(this))
-    this.controllerContainer.register('auth.session.refresh', this.refresh.bind(this))
+    this.controllerContainer.register('auth.sessions.delete', this.deleteSession.bind(this))
+    this.controllerContainer.register('auth.sessions.deleteAll', this.deleteAllSessions.bind(this))
+    this.controllerContainer.register('auth.sessions.refresh', this.refresh.bind(this))
  }

-  @httpDelete('/', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
-  async deleteSession(request: Request, response: Response): Promise<results.JsonResult | void> {
+  @httpDelete('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
+  async deleteSession(request: Request, response: Response): Promise<results.JsonResult | results.StatusCodeResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
        {
@@ -84,11 +84,15 @@ export class InversifyExpressSessionController extends BaseHttpController {
    }

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)
-    response.status(204).send()
+
+    return this.statusCode(204)
  }

-  @httpDelete('/all', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
-  async deleteAllSessions(_request: Request, response: Response): Promise<results.JsonResult | void> {
+  @httpDelete('/all', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
+  async deleteAllSessions(
+    _request: Request,
+    response: Response,
+  ): Promise<results.JsonResult | results.StatusCodeResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
        {
@@ -118,11 +122,12 @@ export class InversifyExpressSessionController extends BaseHttpController {
    })

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)
-    response.status(204).send()
+
+    return this.statusCode(204)
  }

  @httpPost('/refresh')
-  async refresh(request: Request, response: Response): Promise<results.JsonResult | void> {
+  async refresh(request: Request, response: Response): Promise<results.JsonResult> {
    if (!request.body.access_token || !request.body.refresh_token) {
      return this.json(
        {
@@ -152,7 +157,7 @@ export class InversifyExpressSessionController extends BaseHttpController {
    }

    response.setHeader('x-invalidate-cache', result.userUuid as string)
-    response.send({
+    return this.json({
      session: result.sessionPayload,
    })
  }
@@ -62,7 +62,7 @@ export class InversifyExpressSessionsController extends BaseHttpController {
    return this.json({ authToken: result.token })
  }

-  @httpGet('/', TYPES.Auth_AuthMiddleware, TYPES.Auth_SessionMiddleware)
+  @httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware, TYPES.Auth_SessionMiddleware)
  async getSessions(_request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json([])
@@ -35,7 +35,7 @@ export class InversifyExpressSettingsController extends BaseHttpController {
    this.controllerContainer.register('auth.users.deleteSetting', this.deleteSetting.bind(this))
  }

-  @httpGet('/settings', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/settings', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async getSettings(request: Request, response: Response): Promise<results.JsonResult> {
    if (request.params.userUuid !== response.locals.user.uuid) {
      return this.json(
@@ -54,7 +54,7 @@ export class InversifyExpressSettingsController extends BaseHttpController {
    return this.json(result)
  }

-  @httpGet('/settings/:settingName', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/settings/:settingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async getSetting(request: Request, response: Response): Promise<results.JsonResult> {
    if (request.params.userUuid !== response.locals.user.uuid) {
      return this.json(
@@ -77,7 +77,7 @@ export class InversifyExpressSettingsController extends BaseHttpController {
    return this.json(result, 400)
  }

-  @httpPut('/settings', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPut('/settings', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async updateSetting(request: Request, response: Response): Promise<results.JsonResult | results.StatusCodeResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
@@ -124,7 +124,7 @@ export class InversifyExpressSettingsController extends BaseHttpController {
    return this.json(result, result.statusCode)
  }

-  @httpDelete('/settings/:settingName', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpDelete('/settings/:settingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async deleteSetting(request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
@@ -31,15 +31,16 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
    this.controllerContainer.register('auth.subscriptionInvites.list', this.listInvites.bind(this))
  }

-  @httpPost('/:inviteUuid/accept', TYPES.Auth_ApiGatewayAuthMiddleware)
-  async acceptInvite(request: Request, response: Response): Promise<void> {
+  @httpPost('/:inviteUuid/accept', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
+  async acceptInvite(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.subscriptionInvitesController.acceptInvite({
      api: request.query.api as ApiVersion,
      inviteUuid: request.params.inviteUuid,
    })

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)
-    response.status(result.status).send(result.data)
+
+    return this.json(result.data, result.status)
  }

  @httpGet('/:inviteUuid/decline')
@@ -52,7 +53,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
    return this.json(response.data, response.status)
  }

-  @httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async inviteToSubscriptionSharing(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.subscriptionInvitesController.invite({
      ...request.body,
@@ -64,7 +65,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
    return this.json(result.data, result.status)
  }

-  @httpDelete('/:inviteUuid', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpDelete('/:inviteUuid', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async cancelSubscriptionSharing(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.subscriptionInvitesController.cancelInvite({
      ...request.body,
@@ -75,7 +76,7 @@ export class InversifyExpressSubscriptionInvitesController extends BaseHttpContr
    return this.json(result.data, result.status)
  }

-  @httpGet('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async listInvites(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.subscriptionInvitesController.listInvites({
      ...request.body,
@@ -22,7 +22,7 @@ export class InversifyExpressSubscriptionSettingsController extends BaseHttpCont
    this.controllerContainer.register('auth.users.getSubscriptionSetting', this.getSubscriptionSetting.bind(this))
  }

-  @httpGet('/subscription-settings/:subscriptionSettingName', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/subscription-settings/:subscriptionSettingName', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async getSubscriptionSetting(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.doGetSetting.execute({
      userUuid: response.locals.user.uuid,
@@ -37,7 +37,7 @@ export class InversifyExpressSubscriptionTokensController extends BaseHttpContro
    this.controllerContainer.register('auth.subscription-tokens.create', this.createToken.bind(this))
  }

-  @httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async createToken(_request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
@@ -17,7 +17,7 @@ export class InversifyExpressUserRequestsController extends BaseHttpController {
    this.controllerContainer.register('auth.users.createRequest', this.submitRequest.bind(this))
  }

-  @httpPost('/', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpPost('/', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async submitRequest(request: Request, response: Response): Promise<results.JsonResult> {
    const result = await this.userRequestsController.submitUserRequest({
      requestType: request.body.requestType,
@@ -4,7 +4,7 @@ import * as express from 'express'

 import { InversifyExpressUsersController } from './InversifyExpressUsersController'
 import { results } from 'inversify-express-utils'
-import { ControllerContainerInterface } from '@standardnotes/domain-core'
+import { ControllerContainerInterface, Username } from '@standardnotes/domain-core'
 import { DeleteAccount } from '../../Domain/UseCase/DeleteAccount/DeleteAccount'
 import { ChangeCredentials } from '../../Domain/UseCase/ChangeCredentials/ChangeCredentials'
 import { ClearLoginAttempts } from '../../Domain/UseCase/ClearLoginAttempts'
@@ -99,7 +99,8 @@ describe('InversifyExpressUsersController', () => {

    updateUser.execute = jest.fn().mockReturnValue({ success: true, authResponse: { foo: 'bar' } })

-    await createController().update(request, response)
+    const httpResponse = <results.JsonResult>await createController().update(request, response)
+    const result = await httpResponse.executeAsync()

    expect(updateUser.execute).toHaveBeenCalledWith({
      apiVersion: '20190520',
@@ -112,7 +113,7 @@ describe('InversifyExpressUsersController', () => {
      },
    })

-    expect(response.send).toHaveBeenCalledWith({ foo: 'bar' })
+    expect(await result.content.readAsStringAsync()).toEqual('{"foo":"bar"}')
  })

  it('should not update user if session has read only access', async () => {
@@ -310,7 +311,8 @@ describe('InversifyExpressUsersController', () => {

    changeCredentials.execute = jest.fn().mockReturnValue({ success: true, authResponse: { foo: 'bar' } })

-    await createController().changeCredentials(request, response)
+    const httpResponse = <results.JsonResult>await createController().changeCredentials(request, response)
+    const result = await httpResponse.executeAsync()

    expect(changeCredentials.execute).toHaveBeenCalledWith({
      apiVersion: '20190520',
@@ -321,15 +323,12 @@ describe('InversifyExpressUsersController', () => {
      kpOrigination: 'change-password',
      pwNonce: 'asdzxc',
      protocolVersion: '004',
-      user: {
-        uuid: '123',
-        email: 'test@test.te',
-      },
+      username: Username.create('test@test.te').getValue(),
    })

    expect(clearLoginAttempts.execute).toHaveBeenCalled()

-    expect(response.send).toHaveBeenCalledWith({ foo: 'bar' })
+    expect(await result.content.readAsStringAsync()).toEqual('{"foo":"bar"}')
  })

  it('should not change a password if session has read only access', async () => {
@@ -19,7 +19,7 @@ import { GetUserSubscription } from '../../Domain/UseCase/GetUserSubscription/Ge
 import { ClearLoginAttempts } from '../../Domain/UseCase/ClearLoginAttempts'
 import { IncreaseLoginAttempts } from '../../Domain/UseCase/IncreaseLoginAttempts'
 import { ChangeCredentials } from '../../Domain/UseCase/ChangeCredentials/ChangeCredentials'
-import { ControllerContainerInterface } from '@standardnotes/domain-core'
+import { ControllerContainerInterface, Username } from '@standardnotes/domain-core'

@controller('/users')
 export class InversifyExpressUsersController extends BaseHttpController {
@@ -41,8 +41,8 @@ export class InversifyExpressUsersController extends BaseHttpController {
    this.controllerContainer.register('auth.users.updateCredentials', this.changeCredentials.bind(this))
  }

-  @httpPatch('/:userId', TYPES.Auth_ApiGatewayAuthMiddleware)
-  async update(request: Request, response: Response): Promise<results.JsonResult | void> {
+  @httpPatch('/:userId', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
+  async update(request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
        {
@@ -83,9 +83,8 @@ export class InversifyExpressUsersController extends BaseHttpController {

    if (updateResult.success) {
      response.setHeader('x-invalidate-cache', response.locals.user.uuid)
-      response.send(updateResult.authResponse)

-      return
+      return this.json(updateResult.authResponse)
    }

    return this.json(
@@ -132,7 +131,7 @@ export class InversifyExpressUsersController extends BaseHttpController {
    return this.json({ message: result.message }, result.responseCode)
  }

-  @httpGet('/:userUuid/subscription', TYPES.Auth_ApiGatewayAuthMiddleware)
+  @httpGet('/:userUuid/subscription', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
  async getSubscription(request: Request, response: Response): Promise<results.JsonResult> {
    if (request.params.userUuid !== response.locals.user.uuid) {
      return this.json(
@@ -156,8 +155,8 @@ export class InversifyExpressUsersController extends BaseHttpController {
    return this.json(result, 400)
  }

-  @httpPut('/:userId/attributes/credentials', TYPES.Auth_AuthMiddleware)
-  async changeCredentials(request: Request, response: Response): Promise<results.JsonResult | void> {
+  @httpPut('/:userId/attributes/credentials', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
+  async changeCredentials(request: Request, response: Response): Promise<results.JsonResult> {
    if (response.locals.readOnlyAccess) {
      return this.json(
        {
@@ -203,9 +202,21 @@ export class InversifyExpressUsersController extends BaseHttpController {
        400,
      )
    }
+    const usernameOrError = Username.create(response.locals.user.email)
+    if (usernameOrError.isFailed()) {
+      return this.json(
+        {
+          error: {
+            message: 'Invalid username.',
+          },
+        },
+        400,
+      )
+    }
+    const username = usernameOrError.getValue()

    const changeCredentialsResult = await this.changeCredentialsUseCase.execute({
-      user: response.locals.user,
+      username,
      apiVersion: request.body.api,
      currentPassword: request.body.current_password,
      newPassword: request.body.new_password,
@@ -233,6 +244,7 @@ export class InversifyExpressUsersController extends BaseHttpController {
    await this.clearLoginAttempts.execute({ email: response.locals.user.email })

    response.setHeader('x-invalidate-cache', response.locals.user.uuid)
-    response.send(changeCredentialsResult.authResponse)
+
+    return this.json(changeCredentialsResult.authResponse)
  }
 }
@@ -13,7 +13,7 @@ import { ControllerContainerInterface, Uuid } from '@standardnotes/domain-core'
 import TYPES from '../../Bootstrap/Types'
 import { CreateValetToken } from '../../Domain/UseCase/CreateValetToken/CreateValetToken'

-@controller('/valet-tokens', TYPES.Auth_ApiGatewayAuthMiddleware)
+@controller('/valet-tokens', TYPES.Auth_RequiredCrossServiceTokenMiddleware)
 export class InversifyExpressValetTokenController extends BaseHttpController {
  constructor(
    @inject(TYPES.Auth_CreateValetToken) private createValetKey: CreateValetToken,
@@ -1,99 +0,0 @@
-import 'reflect-metadata'
-
-import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
-import { NextFunction, Request, Response } from 'express'
-import { Logger } from 'winston'
-import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
-import { RoleName } from '@standardnotes/domain-core'
-
-describe('ApiGatewayAuthMiddleware', () => {
-  let tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>
-  let request: Request
-  let response: Response
-  let next: NextFunction
-
-  const logger = {
-    debug: jest.fn(),
-  } as unknown as jest.Mocked<Logger>
-
-  const createMiddleware = () => new ApiGatewayAuthMiddleware(tokenDecoder, logger)
-
-  beforeEach(() => {
-    tokenDecoder = {} as jest.Mocked<TokenDecoderInterface<CrossServiceTokenData>>
-    tokenDecoder.decodeToken = jest.fn().mockReturnValue({
-      user: {
-        uuid: '1-2-3',
-        email: 'test@test.te',
-      },
-      roles: [
-        {
-          uuid: 'a-b-c',
-          name: RoleName.NAMES.CoreUser,
-        },
-      ],
-    })
-
-    request = {
-      headers: {},
-    } as jest.Mocked<Request>
-    response = {
-      locals: {},
-    } as jest.Mocked<Response>
-    response.status = jest.fn().mockReturnThis()
-    response.send = jest.fn()
-    next = jest.fn()
-  })
-
-  it('should authorize user', async () => {
-    request.headers['x-auth-token'] = 'auth-jwt-token'
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.locals.user).toEqual({
-      uuid: '1-2-3',
-      email: 'test@test.te',
-    })
-    expect(response.locals.roles).toEqual([
-      {
-        uuid: 'a-b-c',
-        name: RoleName.NAMES.CoreUser,
-      },
-    ])
-
-    expect(next).toHaveBeenCalled()
-  })
-
-  it('should not authorize if request is missing auth jwt token in headers', async () => {
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.status).toHaveBeenCalledWith(401)
-    expect(next).not.toHaveBeenCalled()
-  })
-
-  it('should not authorize if auth jwt token is malformed', async () => {
-    request.headers['x-auth-token'] = 'auth-jwt-token'
-
-    tokenDecoder.decodeToken = jest.fn().mockReturnValue(undefined)
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.status).toHaveBeenCalledWith(401)
-    expect(next).not.toHaveBeenCalled()
-  })
-
-  it('should pass the error to next middleware if one occurres', async () => {
-    request.headers['x-auth-token'] = 'auth-jwt-token'
-
-    const error = new Error('Ooops')
-
-    tokenDecoder.decodeToken = jest.fn().mockImplementation(() => {
-      throw error
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.status).not.toHaveBeenCalled()
-
-    expect(next).toHaveBeenCalledWith(error)
-  })
-})
@@ -1,31 +1,16 @@
 import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
 import { NextFunction, Request, Response } from 'express'
-import { inject, injectable } from 'inversify'
 import { BaseMiddleware } from 'inversify-express-utils'
 import { Logger } from 'winston'
-import TYPES from '../../../Bootstrap/Types'

-@injectable()
-export class ApiGatewayAuthMiddleware extends BaseMiddleware {
-  constructor(
-    @inject(TYPES.Auth_CrossServiceTokenDecoder) private tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
-    @inject(TYPES.Auth_Logger) private logger: Logger,
-  ) {
+export abstract class ApiGatewayAuthMiddleware extends BaseMiddleware {
+  constructor(private tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>, private logger: Logger) {
    super()
  }

  async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
    try {
-      if (!request.headers['x-auth-token']) {
-        this.logger.debug('ApiGatewayAuthMiddleware missing x-auth-token header.')
-
-        response.status(401).send({
-          error: {
-            tag: 'invalid-auth',
-            message: 'Invalid login credentials.',
-          },
-        })
-
+      if (!this.handleMissingToken(request, response, next)) {
        return
      }

@@ -56,4 +41,6 @@ export class ApiGatewayAuthMiddleware extends BaseMiddleware {
      return next(error)
    }
  }
+
+  protected abstract handleMissingToken(request: Request, response: Response, next: NextFunction): boolean
 }
@@ -1,79 +0,0 @@
-import 'reflect-metadata'
-
-import { AuthMiddleware } from './AuthMiddleware'
-import { NextFunction, Request, Response } from 'express'
-import { User } from '../../../Domain/User/User'
-import { AuthenticateRequest } from '../../../Domain/UseCase/AuthenticateRequest'
-import { Session } from '../../../Domain/Session/Session'
-import { Logger } from 'winston'
-
-describe('AuthMiddleware', () => {
-  let authenticateRequest: AuthenticateRequest
-  let request: Request
-  let response: Response
-  let next: NextFunction
-
-  const logger = {
-    debug: jest.fn(),
-  } as unknown as jest.Mocked<Logger>
-
-  const createMiddleware = () => new AuthMiddleware(authenticateRequest, logger)
-
-  beforeEach(() => {
-    authenticateRequest = {} as jest.Mocked<AuthenticateRequest>
-    authenticateRequest.execute = jest.fn()
-
-    request = {
-      headers: {},
-    } as jest.Mocked<Request>
-    response = {
-      locals: {},
-    } as jest.Mocked<Response>
-    response.status = jest.fn().mockReturnThis()
-    response.send = jest.fn()
-    next = jest.fn()
-  })
-
-  it('should authorize user', async () => {
-    const user = {} as jest.Mocked<User>
-    const session = {} as jest.Mocked<Session>
-    authenticateRequest.execute = jest.fn().mockReturnValue({
-      success: true,
-      user,
-      session,
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.locals.user).toEqual(user)
-    expect(response.locals.session).toEqual(session)
-
-    expect(next).toHaveBeenCalled()
-  })
-
-  it('should not authorize if request authentication fails', async () => {
-    authenticateRequest.execute = jest.fn().mockReturnValue({
-      success: false,
-      responseCode: 401,
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.status).toHaveBeenCalledWith(401)
-    expect(next).not.toHaveBeenCalled()
-  })
-
-  it('should pass the error to next middleware if one occurres', async () => {
-    const error = new Error('Ooops')
-
-    authenticateRequest.execute = jest.fn().mockImplementation(() => {
-      throw error
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.status).not.toHaveBeenCalled()
-
-    expect(next).toHaveBeenCalledWith(error)
-  })
-})
@@ -1,45 +0,0 @@
-import { NextFunction, Request, Response } from 'express'
-import { inject, injectable } from 'inversify'
-import { BaseMiddleware } from 'inversify-express-utils'
-import { Logger } from 'winston'
-import TYPES from '../../../Bootstrap/Types'
-import { AuthenticateRequest } from '../../../Domain/UseCase/AuthenticateRequest'
-
-@injectable()
-export class AuthMiddleware extends BaseMiddleware {
-  constructor(
-    @inject(TYPES.Auth_AuthenticateRequest) private authenticateRequest: AuthenticateRequest,
-    @inject(TYPES.Auth_Logger) private logger: Logger,
-  ) {
-    super()
-  }
-
-  async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
-    try {
-      const authenticateRequestResponse = await this.authenticateRequest.execute({
-        authorizationHeader: request.headers.authorization,
-      })
-
-      if (!authenticateRequestResponse.success) {
-        this.logger.debug('AuthMiddleware authentication failure.')
-
-        response.status(authenticateRequestResponse.responseCode).send({
-          error: {
-            tag: authenticateRequestResponse.errorTag,
-            message: authenticateRequestResponse.errorMessage,
-          },
-        })
-
-        return
-      }
-
-      response.locals.user = authenticateRequestResponse.user
-      response.locals.session = authenticateRequestResponse.session
-      response.locals.readOnlyAccess = authenticateRequestResponse.session?.readonlyAccess ?? false
-
-      return next()
-    } catch (error) {
-      return next(error)
-    }
-  }
-}
@@ -1,68 +0,0 @@
-import 'reflect-metadata'
-
-import { AuthMiddlewareWithoutResponse } from './AuthMiddlewareWithoutResponse'
-import { NextFunction, Request, Response } from 'express'
-import { User } from '../../../Domain/User/User'
-import { AuthenticateRequest } from '../../../Domain/UseCase/AuthenticateRequest'
-import { Session } from '../../../Domain/Session/Session'
-
-describe('AuthMiddlewareWithoutResponse', () => {
-  let authenticateRequest: AuthenticateRequest
-  let request: Request
-  let response: Response
-  let next: NextFunction
-
-  const createMiddleware = () => new AuthMiddlewareWithoutResponse(authenticateRequest)
-
-  beforeEach(() => {
-    authenticateRequest = {} as jest.Mocked<AuthenticateRequest>
-    authenticateRequest.execute = jest.fn()
-
-    request = {
-      headers: {},
-    } as jest.Mocked<Request>
-    response = {
-      locals: {},
-    } as jest.Mocked<Response>
-    response.status = jest.fn().mockReturnThis()
-    response.send = jest.fn()
-    next = jest.fn()
-  })
-
-  it('should authorize user', async () => {
-    const user = {} as jest.Mocked<User>
-    const session = {} as jest.Mocked<Session>
-    authenticateRequest.execute = jest.fn().mockReturnValue({
-      success: true,
-      user,
-      session,
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(response.locals.user).toEqual(user)
-    expect(response.locals.session).toEqual(session)
-
-    expect(next).toHaveBeenCalled()
-  })
-
-  it('should skip middleware if authentication fails', async () => {
-    authenticateRequest.execute = jest.fn().mockReturnValue({
-      success: false,
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(next).toHaveBeenCalled()
-  })
-
-  it('should skip middleware if authentication errors', async () => {
-    authenticateRequest.execute = jest.fn().mockImplementation(() => {
-      throw new Error('Ooops')
-    })
-
-    await createMiddleware().handler(request, response, next)
-
-    expect(next).toHaveBeenCalled()
-  })
-})
@@ -1,32 +0,0 @@
-import { NextFunction, Request, Response } from 'express'
-import { inject, injectable } from 'inversify'
-import { BaseMiddleware } from 'inversify-express-utils'
-import TYPES from '../../../Bootstrap/Types'
-import { AuthenticateRequest } from '../../../Domain/UseCase/AuthenticateRequest'
-
-@injectable()
-export class AuthMiddlewareWithoutResponse extends BaseMiddleware {
-  constructor(@inject(TYPES.Auth_AuthenticateRequest) private authenticateRequest: AuthenticateRequest) {
-    super()
-  }
-
-  async handler(request: Request, response: Response, next: NextFunction): Promise<void> {
-    try {
-      const authenticateRequestResponse = await this.authenticateRequest.execute({
-        authorizationHeader: request.headers.authorization,
-      })
-
-      if (!authenticateRequestResponse.success) {
-        return next()
-      }
-
-      response.locals.user = authenticateRequestResponse.user
-      response.locals.session = authenticateRequestResponse.session
-      response.locals.readOnlyAccess = authenticateRequestResponse.session?.readonlyAccess ?? false
-
-      return next()
-    } catch (error) {
-      return next()
-    }
-  }
-}
@@ -0,0 +1,27 @@
+import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
+import { NextFunction, Request, Response } from 'express'
+import { inject, injectable } from 'inversify'
+import { Logger } from 'winston'
+
+import TYPES from '../../../Bootstrap/Types'
+import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
+
+@injectable()
+export class OptionalCrossServiceTokenMiddleware extends ApiGatewayAuthMiddleware {
+  constructor(
+    @inject(TYPES.Auth_CrossServiceTokenDecoder) tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
+    @inject(TYPES.Auth_Logger) logger: Logger,
+  ) {
+    super(tokenDecoder, logger)
+  }
+
+  protected override handleMissingToken(request: Request, _response: Response, next: NextFunction): boolean {
+    if (!request.headers['x-auth-token']) {
+      next()
+
+      return false
+    }
+
+    return true
+  }
+}
@@ -0,0 +1,32 @@
+import { CrossServiceTokenData, TokenDecoderInterface } from '@standardnotes/security'
+import { NextFunction, Request, Response } from 'express'
+import { inject, injectable } from 'inversify'
+import { Logger } from 'winston'
+
+import TYPES from '../../../Bootstrap/Types'
+import { ApiGatewayAuthMiddleware } from './ApiGatewayAuthMiddleware'
+
+@injectable()
+export class RequiredCrossServiceTokenMiddleware extends ApiGatewayAuthMiddleware {
+  constructor(
+    @inject(TYPES.Auth_CrossServiceTokenDecoder) tokenDecoder: TokenDecoderInterface<CrossServiceTokenData>,
+    @inject(TYPES.Auth_Logger) logger: Logger,
+  ) {
+    super(tokenDecoder, logger)
+  }
+
+  protected override handleMissingToken(request: Request, response: Response, _next: NextFunction): boolean {
+    if (!request.headers['x-auth-token']) {
+      response.status(401).send({
+        error: {
+          tag: 'invalid-auth',
+          message: 'Invalid login credentials.',
+        },
+      })
+
+      return false
+    }
+
+    return true
+  }
+}
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.12.5](https://github.com/standardnotes/files/compare/@standardnotes/files-server@1.12.4...@standardnotes/files-server@1.12.5) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/files-server
+
 ## [1.12.4](https://github.com/standardnotes/files/compare/@standardnotes/files-server@1.12.3...@standardnotes/files-server@1.12.4) (2023-05-17)

 **Note:** Version bump only for package @standardnotes/files-server
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/files-server",
-  "version": "1.12.4",
+  "version": "1.12.5",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -211,6 +211,7 @@ export class ContainerConfigLoader {
      level: env.get('LOG_LEVEL') || 'info',
      format: winston.format.combine(winston.format.splat(), winston.format.json()),
      transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
+      defaultMeta: { service: 'files' },
    })
  }
 }
@@ -15,3 +15,5 @@ JWT_SECRET=
 AUTH_JWT_SECRET=
 ENCRYPTION_SERVER_KEY=
 PSEUDO_KEY_PARAMS_KEY=
+
+FILES_SERVER_URL=
@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [1.5.0](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.4.4...@standardnotes/home-server@1.5.0) (2023-05-25)
+
+### Features
+
+* add revisions service to home server ([#613](https://github.com/standardnotes/server/issues/613)) ([c70040f](https://github.com/standardnotes/server/commit/c70040fe5dfd35663b9811fbbaa9370bd0298482))
+
+## [1.4.4](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.4.3...@standardnotes/home-server@1.4.4) (2023-05-25)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.4.3](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.4.2...@standardnotes/home-server@1.4.3) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+## [1.4.2](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.4.1...@standardnotes/home-server@1.4.2) (2023-05-18)
+
+### Bug Fixes
+
+* **api-gateway:** decorating responses for direct call proxy ([4ab32c6](https://github.com/standardnotes/server/commit/4ab32c670eedcfc64611a191bc25566d43372b23))
+
+## [1.4.1](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.4.0...@standardnotes/home-server@1.4.1) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/home-server
+
+# [1.4.0](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.3.1...@standardnotes/home-server@1.4.0) (2023-05-17)
+
+### Features
+
+* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/server/issues/611)) ([b3b617e](https://github.com/standardnotes/server/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
+
 ## [1.3.1](https://github.com/standardnotes/server/compare/@standardnotes/home-server@1.3.0...@standardnotes/home-server@1.3.1) (2023-05-17)

 **Note:** Version bump only for package @standardnotes/home-server
@@ -4,6 +4,8 @@ import { ControllerContainer, ServiceContainer } from '@standardnotes/domain-cor
 import { Service as ApiGatewayService, TYPES as ApiGatewayTYPES } from '@standardnotes/api-gateway'
 import { DirectCallDomainEventPublisher } from '@standardnotes/domain-events-infra'
 import { Service as AuthService } from '@standardnotes/auth-server'
+import { Service as SyncingService } from '@standardnotes/syncing-server'
+import { Service as RevisionsService } from '@standardnotes/revisions-server'
 import { Container } from 'inversify'
 import { InversifyExpressServer } from 'inversify-express-utils'
 import helmet from 'helmet'
@@ -20,12 +22,16 @@ const startServer = async (): Promise<void> => {
  const serviceContainer = new ServiceContainer()
  const directCallDomainEventPublisher = new DirectCallDomainEventPublisher()

-  const apiGatewayService = new ApiGatewayService(serviceContainer, controllerContainer)
+  const apiGatewayService = new ApiGatewayService(serviceContainer)
  const authService = new AuthService(serviceContainer, controllerContainer, directCallDomainEventPublisher)
+  const syncingService = new SyncingService(serviceContainer, controllerContainer, directCallDomainEventPublisher)
+  const revisionsService = new RevisionsService(serviceContainer, controllerContainer, directCallDomainEventPublisher)

  const container = Container.merge(
    (await apiGatewayService.getContainer()) as Container,
    (await authService.getContainer()) as Container,
+    (await syncingService.getContainer()) as Container,
+    (await revisionsService.getContainer()) as Container,
  )

  const env: Env = new Env()
@@ -93,12 +99,7 @@ const startServer = async (): Promise<void> => {
  logger.info(`Server started on port ${process.env.PORT}`)
 }

-Promise.resolve(startServer())
-  .then(() => {
-    // eslint-disable-next-line no-console
-    console.log('Server started')
-  })
-  .catch((error) => {
-    // eslint-disable-next-line no-console
-    console.log(`Could not start server: ${error.message}`)
-  })
+Promise.resolve(startServer()).catch((error) => {
+  // eslint-disable-next-line no-console
+  console.log(`Could not start server: ${error.message}`)
+})
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/home-server",
-  "version": "1.3.1",
+  "version": "1.5.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -22,6 +22,8 @@
    "@standardnotes/auth-server": "workspace:^",
    "@standardnotes/domain-core": "workspace:^",
    "@standardnotes/domain-events-infra": "workspace:^",
+    "@standardnotes/revisions-server": "workspace:^",
+    "@standardnotes/syncing-server": "workspace:^",
    "cors": "2.8.5",
    "dotenv": "^16.0.1",
    "express": "^4.18.2",
@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+# [1.16.0](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.15.1...@standardnotes/revisions-server@1.16.0) (2023-05-25)
+
+### Features
+
+* add revisions service to home server ([#613](https://github.com/standardnotes/server/issues/613)) ([c70040f](https://github.com/standardnotes/server/commit/c70040fe5dfd35663b9811fbbaa9370bd0298482))
+
+## [1.15.1](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.15.0...@standardnotes/revisions-server@1.15.1) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/revisions-server
+
 # [1.15.0](https://github.com/standardnotes/server/compare/@standardnotes/revisions-server@1.14.4...@standardnotes/revisions-server@1.15.0) (2023-05-17)

 ### Features
@@ -9,20 +9,20 @@ import * as winston from 'winston'
 import { InversifyExpressServer } from 'inversify-express-utils'
 import TYPES from '../src/Bootstrap/Types'
 import { Env } from '../src/Bootstrap/Env'
-import { ServerContainerConfigLoader } from '../src/Bootstrap/ServerContainerConfigLoader'
+import { ContainerConfigLoader } from '../src/Bootstrap/Container'

 import '../src/Infra/InversifyExpress/InversifyExpressRevisionsController'
 import '../src/Infra/InversifyExpress/InversifyExpressHealthCheckController'

-const container = new ServerContainerConfigLoader()
+const container = new ContainerConfigLoader()
 void container.load().then((container) => {
-  const env: Env = container.get(TYPES.Env)
+  const env: Env = container.get(TYPES.Revisions_Env)

  const server = new InversifyExpressServer(container)

  server.setConfig((app) => {
    app.use((_request: Request, response: Response, next: NextFunction) => {
-      response.setHeader('X-Revisions-Version', container.get(TYPES.VERSION))
+      response.setHeader('X-Revisions-Version', container.get(TYPES.Revisions_VERSION))
      next()
    })
    app.use(json())
@@ -30,7 +30,7 @@ void container.load().then((container) => {
    app.use(cors())
  })

-  const logger: winston.Logger = container.get(TYPES.Logger)
+  const logger: winston.Logger = container.get(TYPES.Revisions_Logger)

  server.setErrorConfig((app) => {
    app.use((error: Record<string, unknown>, _request: Request, response: Response, _next: NextFunction) => {
@@ -7,17 +7,19 @@ import { Logger } from 'winston'
 import TYPES from '../src/Bootstrap/Types'
 import { Env } from '../src/Bootstrap/Env'
 import { DomainEventSubscriberFactoryInterface } from '@standardnotes/domain-events'
-import { WorkerContainerConfigLoader } from '../src/Bootstrap/WorkerContainerConfigLoader'
+import { ContainerConfigLoader } from '../src/Bootstrap/Container'

-const container = new WorkerContainerConfigLoader()
+const container = new ContainerConfigLoader()
 void container.load().then((container) => {
  const env: Env = new Env()
  env.load()

-  const logger: Logger = container.get(TYPES.Logger)
+  const logger: Logger = container.get(TYPES.Revisions_Logger)

  logger.info('Starting worker...')

-  const subscriberFactory: DomainEventSubscriberFactoryInterface = container.get(TYPES.DomainEventSubscriberFactory)
+  const subscriberFactory: DomainEventSubscriberFactoryInterface = container.get(
+    TYPES.Revisions_DomainEventSubscriberFactory,
+  )
  subscriberFactory.create().start()
 })
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/revisions-server",
-  "version": "1.15.0",
+  "version": "1.16.0",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -1,81 +0,0 @@
-import { MapperInterface } from '@standardnotes/domain-core'
-import { Container, interfaces } from 'inversify'
-import { Repository } from 'typeorm'
-import * as winston from 'winston'
-
-import { Revision } from '../Domain/Revision/Revision'
-import { RevisionMetadata } from '../Domain/Revision/RevisionMetadata'
-import { RevisionRepositoryInterface } from '../Domain/Revision/RevisionRepositoryInterface'
-import { TypeORMRevisionRepository } from '../Infra/TypeORM/TypeORMRevisionRepository'
-import { TypeORMRevision } from '../Infra/TypeORM/TypeORMRevision'
-import { RevisionMetadataPersistenceMapper } from '../Mapping/RevisionMetadataPersistenceMapper'
-import { RevisionPersistenceMapper } from '../Mapping/RevisionPersistenceMapper'
-import { AppDataSource } from './DataSource'
-import { Env } from './Env'
-import TYPES from './Types'
-
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const newrelicFormatter = require('@newrelic/winston-enricher')
-
-export class CommonContainerConfigLoader {
-  async load(): Promise<Container> {
-    const env: Env = new Env()
-    env.load()
-
-    const container = new Container({
-      defaultScope: 'Singleton',
-    })
-
-    await AppDataSource.initialize()
-
-    container.bind<Env>(TYPES.Env).toConstantValue(env)
-
-    container.bind<winston.Logger>(TYPES.Logger).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      const newrelicWinstonFormatter = newrelicFormatter(winston)
-      const winstonFormatters = [winston.format.splat(), winston.format.json()]
-      if (env.get('NEW_RELIC_ENABLED', true) === 'true') {
-        winstonFormatters.push(newrelicWinstonFormatter())
-      }
-
-      const logger = winston.createLogger({
-        level: env.get('LOG_LEVEL') || 'info',
-        format: winston.format.combine(...winstonFormatters),
-        transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
-      })
-
-      return logger
-    })
-
-    container.bind(TYPES.NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
-    container.bind(TYPES.VERSION).toConstantValue(env.get('VERSION'))
-
-    // Map
-    container
-      .bind<MapperInterface<RevisionMetadata, TypeORMRevision>>(TYPES.RevisionMetadataPersistenceMapper)
-      .toDynamicValue(() => new RevisionMetadataPersistenceMapper())
-    container
-      .bind<MapperInterface<Revision, TypeORMRevision>>(TYPES.RevisionPersistenceMapper)
-      .toDynamicValue(() => new RevisionPersistenceMapper())
-
-    // ORM
-    container
-      .bind<Repository<TypeORMRevision>>(TYPES.ORMRevisionRepository)
-      .toDynamicValue(() => AppDataSource.getRepository(TypeORMRevision))
-
-    // Repositories
-    container
-      .bind<RevisionRepositoryInterface>(TYPES.RevisionRepository)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new TypeORMRevisionRepository(
-          context.container.get(TYPES.ORMRevisionRepository),
-          context.container.get(TYPES.RevisionMetadataPersistenceMapper),
-          context.container.get(TYPES.RevisionPersistenceMapper),
-          context.container.get(TYPES.Logger),
-        )
-      })
-
-    return container
-  }
-}
@@ -0,0 +1,351 @@
+import { ControllerContainer, ControllerContainerInterface, MapperInterface } from '@standardnotes/domain-core'
+import { Container, interfaces } from 'inversify'
+import { Repository } from 'typeorm'
+import * as winston from 'winston'
+
+import { Revision } from '../Domain/Revision/Revision'
+import { RevisionMetadata } from '../Domain/Revision/RevisionMetadata'
+import { RevisionRepositoryInterface } from '../Domain/Revision/RevisionRepositoryInterface'
+import { TypeORMRevisionRepository } from '../Infra/TypeORM/TypeORMRevisionRepository'
+import { TypeORMRevision } from '../Infra/TypeORM/TypeORMRevision'
+import { RevisionMetadataPersistenceMapper } from '../Mapping/RevisionMetadataPersistenceMapper'
+import { RevisionPersistenceMapper } from '../Mapping/RevisionPersistenceMapper'
+import { AppDataSource } from './DataSource'
+import { Env } from './Env'
+import TYPES from './Types'
+import { TokenDecoderInterface, CrossServiceTokenData, TokenDecoder } from '@standardnotes/security'
+import { TimerInterface, Timer } from '@standardnotes/time'
+import { ApiGatewayAuthMiddleware } from '../Infra/InversifyExpress/Middleware/ApiGatewayAuthMiddleware'
+import { RevisionsController } from '../Controller/RevisionsController'
+import { DeleteRevision } from '../Domain/UseCase/DeleteRevision/DeleteRevision'
+import { GetRequiredRoleToViewRevision } from '../Domain/UseCase/GetRequiredRoleToViewRevision/GetRequiredRoleToViewRevision'
+import { GetRevision } from '../Domain/UseCase/GetRevision/GetRevision'
+import { GetRevisionsMetada } from '../Domain/UseCase/GetRevisionsMetada/GetRevisionsMetada'
+import { RevisionHttpMapper } from '../Mapping/RevisionHttpMapper'
+import { RevisionMetadataHttpMapper } from '../Mapping/RevisionMetadataHttpMapper'
+import { S3Client } from '@aws-sdk/client-s3'
+import { SQSClient, SQSClientConfig } from '@aws-sdk/client-sqs'
+import {
+  DomainEventMessageHandlerInterface,
+  DomainEventHandlerInterface,
+  DomainEventSubscriberFactoryInterface,
+} from '@standardnotes/domain-events'
+import {
+  SQSNewRelicEventMessageHandler,
+  SQSEventMessageHandler,
+  SQSDomainEventSubscriberFactory,
+  DirectCallEventMessageHandler,
+  DirectCallDomainEventPublisher,
+} from '@standardnotes/domain-events-infra'
+import { DumpRepositoryInterface } from '../Domain/Dump/DumpRepositoryInterface'
+import { AccountDeletionRequestedEventHandler } from '../Domain/Handler/AccountDeletionRequestedEventHandler'
+import { ItemDumpedEventHandler } from '../Domain/Handler/ItemDumpedEventHandler'
+import { RevisionsCopyRequestedEventHandler } from '../Domain/Handler/RevisionsCopyRequestedEventHandler'
+import { CopyRevisions } from '../Domain/UseCase/CopyRevisions/CopyRevisions'
+import { FSDumpRepository } from '../Infra/FS/FSDumpRepository'
+import { S3DumpRepository } from '../Infra/S3/S3ItemDumpRepository'
+import { RevisionItemStringMapper } from '../Mapping/RevisionItemStringMapper'
+import { InversifyExpressRevisionsController } from '../Infra/InversifyExpress/InversifyExpressRevisionsController'
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const newrelicFormatter = require('@newrelic/winston-enricher')
+
+export class ContainerConfigLoader {
+  async load(configuration?: {
+    controllerConatiner?: ControllerContainerInterface
+    directCallDomainEventPublisher?: DirectCallDomainEventPublisher
+  }): Promise<Container> {
+    const directCallDomainEventPublisher =
+      configuration?.directCallDomainEventPublisher ?? new DirectCallDomainEventPublisher()
+
+    const env: Env = new Env()
+    env.load()
+
+    const isConfiguredForHomeServer = env.get('DB_TYPE') === 'sqlite'
+
+    const container = new Container({
+      defaultScope: 'Singleton',
+    })
+
+    await AppDataSource.initialize()
+
+    container.bind<Env>(TYPES.Revisions_Env).toConstantValue(env)
+
+    container.bind<winston.Logger>(TYPES.Revisions_Logger).toDynamicValue((context: interfaces.Context) => {
+      const env: Env = context.container.get(TYPES.Revisions_Env)
+
+      const newrelicWinstonFormatter = newrelicFormatter(winston)
+      const winstonFormatters = [winston.format.splat(), winston.format.json()]
+      if (env.get('NEW_RELIC_ENABLED', true) === 'true') {
+        winstonFormatters.push(newrelicWinstonFormatter())
+      }
+
+      const logger = winston.createLogger({
+        level: env.get('LOG_LEVEL') || 'info',
+        format: winston.format.combine(...winstonFormatters),
+        transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
+        defaultMeta: { service: 'revisions' },
+      })
+
+      return logger
+    })
+
+    container.bind(TYPES.Revisions_NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
+    container.bind(TYPES.Revisions_VERSION).toConstantValue(env.get('VERSION'))
+
+    // Map
+    container
+      .bind<MapperInterface<RevisionMetadata, TypeORMRevision>>(TYPES.Revisions_RevisionMetadataPersistenceMapper)
+      .toDynamicValue(() => new RevisionMetadataPersistenceMapper())
+    container
+      .bind<MapperInterface<Revision, TypeORMRevision>>(TYPES.Revisions_RevisionPersistenceMapper)
+      .toDynamicValue(() => new RevisionPersistenceMapper())
+
+    // ORM
+    container
+      .bind<Repository<TypeORMRevision>>(TYPES.Revisions_ORMRevisionRepository)
+      .toDynamicValue(() => AppDataSource.getRepository(TypeORMRevision))
+
+    // Repositories
+    container
+      .bind<RevisionRepositoryInterface>(TYPES.Revisions_RevisionRepository)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new TypeORMRevisionRepository(
+          context.container.get(TYPES.Revisions_ORMRevisionRepository),
+          context.container.get(TYPES.Revisions_RevisionMetadataPersistenceMapper),
+          context.container.get(TYPES.Revisions_RevisionPersistenceMapper),
+          context.container.get(TYPES.Revisions_Logger),
+        )
+      })
+
+    container.bind<TimerInterface>(TYPES.Revisions_Timer).toDynamicValue(() => new Timer())
+
+    container
+      .bind<GetRequiredRoleToViewRevision>(TYPES.Revisions_GetRequiredRoleToViewRevision)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new GetRequiredRoleToViewRevision(context.container.get(TYPES.Revisions_Timer))
+      })
+
+    // Map
+    container
+      .bind<
+        MapperInterface<
+          Revision,
+          {
+            uuid: string
+            item_uuid: string
+            content: string | null
+            content_type: string
+            items_key_id: string | null
+            enc_item_key: string | null
+            auth_hash: string | null
+            created_at: string
+            updated_at: string
+          }
+        >
+      >(TYPES.Revisions_RevisionHttpMapper)
+      .toDynamicValue(() => new RevisionHttpMapper())
+    container
+      .bind<
+        MapperInterface<
+          RevisionMetadata,
+          {
+            uuid: string
+            content_type: string
+            created_at: string
+            updated_at: string
+          }
+        >
+      >(TYPES.Revisions_RevisionMetadataHttpMapper)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new RevisionMetadataHttpMapper(context.container.get(TYPES.Revisions_GetRequiredRoleToViewRevision))
+      })
+
+    // use cases
+    container
+      .bind<GetRevisionsMetada>(TYPES.Revisions_GetRevisionsMetada)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new GetRevisionsMetada(context.container.get(TYPES.Revisions_RevisionRepository))
+      })
+    container.bind<GetRevision>(TYPES.Revisions_GetRevision).toDynamicValue((context: interfaces.Context) => {
+      return new GetRevision(context.container.get(TYPES.Revisions_RevisionRepository))
+    })
+    container.bind<DeleteRevision>(TYPES.Revisions_DeleteRevision).toDynamicValue((context: interfaces.Context) => {
+      return new DeleteRevision(context.container.get(TYPES.Revisions_RevisionRepository))
+    })
+
+    // env vars
+    container.bind(TYPES.Revisions_AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
+
+    // Controller
+    container
+      .bind<ControllerContainerInterface>(TYPES.Revisions_ControllerContainer)
+      .toConstantValue(configuration?.controllerConatiner ?? new ControllerContainer())
+
+    container
+      .bind<RevisionsController>(TYPES.Revisions_RevisionsController)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new RevisionsController(
+          context.container.get(TYPES.Revisions_GetRevisionsMetada),
+          context.container.get(TYPES.Revisions_GetRevision),
+          context.container.get(TYPES.Revisions_DeleteRevision),
+          context.container.get(TYPES.Revisions_RevisionHttpMapper),
+          context.container.get(TYPES.Revisions_RevisionMetadataHttpMapper),
+          context.container.get(TYPES.Revisions_Logger),
+        )
+      })
+
+    container
+      .bind<TokenDecoderInterface<CrossServiceTokenData>>(TYPES.Revisions_CrossServiceTokenDecoder)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new TokenDecoder<CrossServiceTokenData>(context.container.get(TYPES.Revisions_AUTH_JWT_SECRET))
+      })
+
+    container
+      .bind<ApiGatewayAuthMiddleware>(TYPES.Revisions_ApiGatewayAuthMiddleware)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ApiGatewayAuthMiddleware(
+          context.container.get(TYPES.Revisions_CrossServiceTokenDecoder),
+          context.container.get(TYPES.Revisions_Logger),
+        )
+      })
+
+    // Map
+    container
+      .bind<MapperInterface<Revision, string>>(TYPES.Revisions_RevisionItemStringMapper)
+      .toDynamicValue(() => new RevisionItemStringMapper())
+
+    container
+      .bind<DumpRepositoryInterface>(TYPES.Revisions_DumpRepository)
+      .toConstantValue(
+        env.get('S3_AWS_REGION', true)
+          ? new S3DumpRepository(
+              container.get(TYPES.Revisions_S3_BACKUP_BUCKET_NAME),
+              container.get(TYPES.Revisions_S3),
+              container.get(TYPES.Revisions_RevisionItemStringMapper),
+              container.get(TYPES.Revisions_Logger),
+            )
+          : new FSDumpRepository(container.get(TYPES.Revisions_RevisionItemStringMapper)),
+      )
+
+    if (!isConfiguredForHomeServer) {
+      // env vars
+      container.bind(TYPES.Revisions_SQS_QUEUE_URL).toConstantValue(env.get('SQS_QUEUE_URL'))
+      container.bind(TYPES.Revisions_S3_AWS_REGION).toConstantValue(env.get('S3_AWS_REGION', true))
+      container.bind(TYPES.Revisions_S3_BACKUP_BUCKET_NAME).toConstantValue(env.get('S3_BACKUP_BUCKET_NAME', true))
+
+      container.bind<SQSClient>(TYPES.Revisions_SQS).toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Revisions_Env)
+
+        const sqsConfig: SQSClientConfig = {
+          region: env.get('SQS_AWS_REGION'),
+        }
+        if (env.get('SQS_ENDPOINT', true)) {
+          sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
+        }
+        if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
+          sqsConfig.credentials = {
+            accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
+            secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
+          }
+        }
+
+        return new SQSClient(sqsConfig)
+      })
+
+      container.bind<S3Client | undefined>(TYPES.Revisions_S3).toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Revisions_Env)
+
+        let s3Client = undefined
+        if (env.get('S3_AWS_REGION', true)) {
+          s3Client = new S3Client({
+            apiVersion: 'latest',
+            region: env.get('S3_AWS_REGION', true),
+          })
+        }
+
+        return s3Client
+      })
+    }
+
+    // use cases
+    container.bind<CopyRevisions>(TYPES.Revisions_CopyRevisions).toDynamicValue((context: interfaces.Context) => {
+      return new CopyRevisions(context.container.get(TYPES.Revisions_RevisionRepository))
+    })
+
+    // Handlers
+    container
+      .bind<ItemDumpedEventHandler>(TYPES.Revisions_ItemDumpedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemDumpedEventHandler(
+          context.container.get(TYPES.Revisions_DumpRepository),
+          context.container.get(TYPES.Revisions_RevisionRepository),
+        )
+      })
+    container
+      .bind<AccountDeletionRequestedEventHandler>(TYPES.Revisions_AccountDeletionRequestedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new AccountDeletionRequestedEventHandler(
+          context.container.get(TYPES.Revisions_RevisionRepository),
+          context.container.get(TYPES.Revisions_Logger),
+        )
+      })
+    container
+      .bind<RevisionsCopyRequestedEventHandler>(TYPES.Revisions_RevisionsCopyRequestedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new RevisionsCopyRequestedEventHandler(
+          context.container.get(TYPES.Revisions_CopyRevisions),
+          context.container.get(TYPES.Revisions_Logger),
+        )
+      })
+
+    const eventHandlers: Map<string, DomainEventHandlerInterface> = new Map([
+      ['ITEM_DUMPED', container.get(TYPES.Revisions_ItemDumpedEventHandler)],
+      ['ACCOUNT_DELETION_REQUESTED', container.get(TYPES.Revisions_AccountDeletionRequestedEventHandler)],
+      ['REVISIONS_COPY_REQUESTED', container.get(TYPES.Revisions_RevisionsCopyRequestedEventHandler)],
+    ])
+
+    if (isConfiguredForHomeServer) {
+      const directCallEventMessageHandler = new DirectCallEventMessageHandler(
+        eventHandlers,
+        container.get(TYPES.Revisions_Logger),
+      )
+      directCallDomainEventPublisher.register(directCallEventMessageHandler)
+      container
+        .bind<DomainEventMessageHandlerInterface>(TYPES.Revisions_DomainEventMessageHandler)
+        .toConstantValue(directCallEventMessageHandler)
+    } else {
+      container
+        .bind<DomainEventMessageHandlerInterface>(TYPES.Revisions_DomainEventMessageHandler)
+        .toConstantValue(
+          env.get('NEW_RELIC_ENABLED', true) === 'true'
+            ? new SQSNewRelicEventMessageHandler(eventHandlers, container.get(TYPES.Revisions_Logger))
+            : new SQSEventMessageHandler(eventHandlers, container.get(TYPES.Revisions_Logger)),
+        )
+
+      container
+        .bind<DomainEventSubscriberFactoryInterface>(TYPES.Revisions_DomainEventSubscriberFactory)
+        .toDynamicValue((context: interfaces.Context) => {
+          return new SQSDomainEventSubscriberFactory(
+            context.container.get(TYPES.Revisions_SQS),
+            context.container.get(TYPES.Revisions_SQS_QUEUE_URL),
+            context.container.get(TYPES.Revisions_DomainEventMessageHandler),
+          )
+        })
+    }
+
+    // Inversify Controllers
+    if (isConfiguredForHomeServer) {
+      container
+        .bind<InversifyExpressRevisionsController>(TYPES.Revisions_InversifyExpressRevisionsController)
+        .toConstantValue(
+          new InversifyExpressRevisionsController(
+            container.get(TYPES.Revisions_RevisionsController),
+            container.get(TYPES.Revisions_ControllerContainer),
+          ),
+        )
+    }
+
+    return container
+  }
+}
@@ -15,55 +15,62 @@ const maxQueryExecutionTime = env.get('DB_MAX_QUERY_EXECUTION_TIME', true)
  ? +env.get('DB_MAX_QUERY_EXECUTION_TIME', true)
  : 45_000

-const inReplicaMode = env.get('DB_REPLICA_HOST', true) ? true : false
+const commonDataSourceOptions = {
+  maxQueryExecutionTime,
+  entities: [TypeORMRevision],
+  migrations: [`${__dirname}/../../migrations/${isConfiguredForMySQL ? 'mysql' : 'sqlite'}/*.js`],
+  migrationsRun: true,
+  logging: <LoggerOptions>env.get('DB_DEBUG_LEVEL', true) ?? 'info',
+}

-const replicationConfig = {
-  master: {
-    host: env.get('DB_HOST'),
-    port: parseInt(env.get('DB_PORT')),
-    username: env.get('DB_USERNAME'),
-    password: env.get('DB_PASSWORD'),
-    database: env.get('DB_DATABASE'),
-  },
-  slaves: [
-    {
-      host: env.get('DB_REPLICA_HOST', true),
+let dataSource: DataSource
+if (isConfiguredForMySQL) {
+  const inReplicaMode = env.get('DB_REPLICA_HOST', true) ? true : false
+
+  const replicationConfig = {
+    master: {
+      host: env.get('DB_HOST'),
      port: parseInt(env.get('DB_PORT')),
      username: env.get('DB_USERNAME'),
      password: env.get('DB_PASSWORD'),
      database: env.get('DB_DATABASE'),
    },
-  ],
-  removeNodeErrorCount: 10,
-  restoreNodeTimeout: 5,
+    slaves: [
+      {
+        host: env.get('DB_REPLICA_HOST', true),
+        port: parseInt(env.get('DB_PORT')),
+        username: env.get('DB_USERNAME'),
+        password: env.get('DB_PASSWORD'),
+        database: env.get('DB_DATABASE'),
+      },
+    ],
+    removeNodeErrorCount: 10,
+    restoreNodeTimeout: 5,
+  }
+
+  const mySQLDataSourceOptions: MysqlConnectionOptions = {
+    ...commonDataSourceOptions,
+    type: 'mysql',
+    charset: 'utf8mb4',
+    supportBigNumbers: true,
+    bigNumberStrings: false,
+    replication: inReplicaMode ? replicationConfig : undefined,
+    host: inReplicaMode ? undefined : env.get('DB_HOST'),
+    port: inReplicaMode ? undefined : parseInt(env.get('DB_PORT')),
+    username: inReplicaMode ? undefined : env.get('DB_USERNAME'),
+    password: inReplicaMode ? undefined : env.get('DB_PASSWORD'),
+    database: inReplicaMode ? undefined : env.get('DB_DATABASE'),
+  }
+
+  dataSource = new DataSource(mySQLDataSourceOptions)
+} else {
+  const sqliteDataSourceOptions: SqliteConnectionOptions = {
+    ...commonDataSourceOptions,
+    type: 'sqlite',
+    database: `data/${env.get('DB_DATABASE')}.sqlite`,
+  }
+
+  dataSource = new DataSource(sqliteDataSourceOptions)
 }

-const commonDataSourceOptions = {
-  maxQueryExecutionTime,
-  entities: [TypeORMRevision],
-  migrations: [`dist/migrations/${isConfiguredForMySQL ? 'mysql' : 'sqlite'}/*.js`],
-  migrationsRun: true,
-  logging: <LoggerOptions>env.get('DB_DEBUG_LEVEL'),
-}
-
-const mySQLDataSourceOptions: MysqlConnectionOptions = {
-  ...commonDataSourceOptions,
-  type: 'mysql',
-  charset: 'utf8mb4',
-  supportBigNumbers: true,
-  bigNumberStrings: false,
-  replication: inReplicaMode ? replicationConfig : undefined,
-  host: inReplicaMode ? undefined : env.get('DB_HOST'),
-  port: inReplicaMode ? undefined : parseInt(env.get('DB_PORT')),
-  username: inReplicaMode ? undefined : env.get('DB_USERNAME'),
-  password: inReplicaMode ? undefined : env.get('DB_PASSWORD'),
-  database: inReplicaMode ? undefined : env.get('DB_DATABASE'),
-}
-
-const sqliteDataSourceOptions: SqliteConnectionOptions = {
-  ...commonDataSourceOptions,
-  type: 'sqlite',
-  database: `data/${env.get('DB_DATABASE')}.sqlite`,
-}
-
-export const AppDataSource = new DataSource(isConfiguredForMySQL ? mySQLDataSourceOptions : sqliteDataSourceOptions)
+export const AppDataSource = dataSource
@@ -1,112 +0,0 @@
-import { Timer, TimerInterface } from '@standardnotes/time'
-import { Container, interfaces } from 'inversify'
-import { MapperInterface } from '@standardnotes/domain-core'
-
-import TYPES from './Types'
-import { RevisionsController } from '../Controller/RevisionsController'
-import { GetRevisionsMetada } from '../Domain/UseCase/GetRevisionsMetada/GetRevisionsMetada'
-import { RevisionMetadata } from '../Domain/Revision/RevisionMetadata'
-import { Revision } from '../Domain/Revision/Revision'
-import { GetRevision } from '../Domain/UseCase/GetRevision/GetRevision'
-import { DeleteRevision } from '../Domain/UseCase/DeleteRevision/DeleteRevision'
-import { RevisionHttpMapper } from '../Mapping/RevisionHttpMapper'
-import { RevisionMetadataHttpMapper } from '../Mapping/RevisionMetadataHttpMapper'
-import { GetRequiredRoleToViewRevision } from '../Domain/UseCase/GetRequiredRoleToViewRevision/GetRequiredRoleToViewRevision'
-import { CommonContainerConfigLoader } from './CommonContainerConfigLoader'
-import { ApiGatewayAuthMiddleware } from '../Controller/ApiGatewayAuthMiddleware'
-import { CrossServiceTokenData, TokenDecoder, TokenDecoderInterface } from '@standardnotes/security'
-import { Env } from './Env'
-
-export class ServerContainerConfigLoader extends CommonContainerConfigLoader {
-  override async load(): Promise<Container> {
-    const container = await super.load()
-
-    const env: Env = container.get(TYPES.Env)
-
-    container.bind<TimerInterface>(TYPES.Timer).toDynamicValue(() => new Timer())
-
-    container
-      .bind<GetRequiredRoleToViewRevision>(TYPES.GetRequiredRoleToViewRevision)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new GetRequiredRoleToViewRevision(context.container.get(TYPES.Timer))
-      })
-
-    // Map
-    container
-      .bind<
-        MapperInterface<
-          Revision,
-          {
-            uuid: string
-            item_uuid: string
-            content: string | null
-            content_type: string
-            items_key_id: string | null
-            enc_item_key: string | null
-            auth_hash: string | null
-            created_at: string
-            updated_at: string
-          }
-        >
-      >(TYPES.RevisionHttpMapper)
-      .toDynamicValue(() => new RevisionHttpMapper())
-    container
-      .bind<
-        MapperInterface<
-          RevisionMetadata,
-          {
-            uuid: string
-            content_type: string
-            created_at: string
-            updated_at: string
-          }
-        >
-      >(TYPES.RevisionMetadataHttpMapper)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new RevisionMetadataHttpMapper(context.container.get(TYPES.GetRequiredRoleToViewRevision))
-      })
-
-    // use cases
-    container.bind<GetRevisionsMetada>(TYPES.GetRevisionsMetada).toDynamicValue((context: interfaces.Context) => {
-      return new GetRevisionsMetada(context.container.get(TYPES.RevisionRepository))
-    })
-    container.bind<GetRevision>(TYPES.GetRevision).toDynamicValue((context: interfaces.Context) => {
-      return new GetRevision(context.container.get(TYPES.RevisionRepository))
-    })
-    container.bind<DeleteRevision>(TYPES.DeleteRevision).toDynamicValue((context: interfaces.Context) => {
-      return new DeleteRevision(context.container.get(TYPES.RevisionRepository))
-    })
-
-    // env vars
-    container.bind(TYPES.AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
-
-    // Controller
-    container.bind<RevisionsController>(TYPES.RevisionsController).toDynamicValue((context: interfaces.Context) => {
-      return new RevisionsController(
-        context.container.get(TYPES.GetRevisionsMetada),
-        context.container.get(TYPES.GetRevision),
-        context.container.get(TYPES.DeleteRevision),
-        context.container.get(TYPES.RevisionHttpMapper),
-        context.container.get(TYPES.RevisionMetadataHttpMapper),
-        context.container.get(TYPES.Logger),
-      )
-    })
-
-    container
-      .bind<TokenDecoderInterface<CrossServiceTokenData>>(TYPES.CrossServiceTokenDecoder)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new TokenDecoder<CrossServiceTokenData>(context.container.get(TYPES.AUTH_JWT_SECRET))
-      })
-
-    container
-      .bind<ApiGatewayAuthMiddleware>(TYPES.ApiGatewayAuthMiddleware)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ApiGatewayAuthMiddleware(
-          context.container.get(TYPES.CrossServiceTokenDecoder),
-          context.container.get(TYPES.Logger),
-        )
-      })
-
-    return container
-  }
-}
@@ -0,0 +1,42 @@
+import {
+  ControllerContainerInterface,
+  ServiceContainerInterface,
+  ServiceIdentifier,
+  ServiceInterface,
+} from '@standardnotes/domain-core'
+
+import { ContainerConfigLoader } from './Container'
+import { DirectCallDomainEventPublisher } from '@standardnotes/domain-events-infra'
+
+export class Service implements ServiceInterface {
+  constructor(
+    private serviceContainer: ServiceContainerInterface,
+    private controllerContainer: ControllerContainerInterface,
+    private directCallDomainEventPublisher: DirectCallDomainEventPublisher,
+  ) {
+    this.serviceContainer.register(this.getId(), this)
+  }
+
+  async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
+    const method = this.controllerContainer.get(endpointOrMethodIdentifier)
+
+    if (!method) {
+      throw new Error(`Method ${endpointOrMethodIdentifier} not found`)
+    }
+
+    return method(request, response)
+  }
+
+  async getContainer(): Promise<unknown> {
+    const config = new ContainerConfigLoader()
+
+    return config.load({
+      controllerConatiner: this.controllerContainer,
+      directCallDomainEventPublisher: this.directCallDomainEventPublisher,
+    })
+  }
+
+  getId(): ServiceIdentifier {
+    return ServiceIdentifier.create(ServiceIdentifier.NAMES.Revisions).getValue()
+  }
+}
@@ -1,46 +1,49 @@
 const TYPES = {
-  DBConnection: Symbol.for('DBConnection'),
-  Logger: Symbol.for('Logger'),
-  SQS: Symbol.for('SQS'),
-  S3: Symbol.for('S3'),
-  Env: Symbol.for('Env'),
+  Revisions_DBConnection: Symbol.for('Revisions_DBConnection'),
+  Revisions_Logger: Symbol.for('Revisions_Logger'),
+  Revisions_SQS: Symbol.for('Revisions_SQS'),
+  Revisions_S3: Symbol.for('Revisions_S3'),
+  Revisions_Env: Symbol.for('Revisions_Env'),
  // Map
-  RevisionMetadataPersistenceMapper: Symbol.for('RevisionMetadataPersistenceMapper'),
-  RevisionPersistenceMapper: Symbol.for('RevisionPersistenceMapper'),
-  RevisionItemStringMapper: Symbol.for('RevisionItemStringMapper'),
-  RevisionHttpMapper: Symbol.for('RevisionHttpMapper'),
-  RevisionMetadataHttpMapper: Symbol.for('RevisionMetadataHttpMapper'),
+  Revisions_RevisionMetadataPersistenceMapper: Symbol.for('Revisions_RevisionMetadataPersistenceMapper'),
+  Revisions_RevisionPersistenceMapper: Symbol.for('Revisions_RevisionPersistenceMapper'),
+  Revisions_RevisionItemStringMapper: Symbol.for('Revisions_RevisionItemStringMapper'),
+  Revisions_RevisionHttpMapper: Symbol.for('Revisions_RevisionHttpMapper'),
+  Revisions_RevisionMetadataHttpMapper: Symbol.for('Revisions_RevisionMetadataHttpMapper'),
  // ORM
-  ORMRevisionRepository: Symbol.for('ORMRevisionRepository'),
+  Revisions_ORMRevisionRepository: Symbol.for('Revisions_ORMRevisionRepository'),
  // Repositories
-  RevisionRepository: Symbol.for('RevisionRepository'),
-  DumpRepository: Symbol.for('DumpRepository'),
+  Revisions_RevisionRepository: Symbol.for('Revisions_RevisionRepository'),
+  Revisions_DumpRepository: Symbol.for('Revisions_DumpRepository'),
  // env vars
-  AUTH_JWT_SECRET: Symbol.for('AUTH_JWT_SECRET'),
-  SQS_QUEUE_URL: Symbol.for('SQS_QUEUE_URL'),
-  SQS_AWS_REGION: Symbol.for('SQS_AWS_REGION'),
-  S3_AWS_REGION: Symbol.for('S3_AWS_REGION'),
-  S3_BACKUP_BUCKET_NAME: Symbol.for('S3_BACKUP_BUCKET_NAME'),
-  NEW_RELIC_ENABLED: Symbol.for('NEW_RELIC_ENABLED'),
-  VERSION: Symbol.for('VERSION'),
+  Revisions_AUTH_JWT_SECRET: Symbol.for('Revisions_AUTH_JWT_SECRET'),
+  Revisions_SQS_QUEUE_URL: Symbol.for('Revisions_SQS_QUEUE_URL'),
+  Revisions_SQS_AWS_REGION: Symbol.for('Revisions_SQS_AWS_REGION'),
+  Revisions_S3_AWS_REGION: Symbol.for('Revisions_S3_AWS_REGION'),
+  Revisions_S3_BACKUP_BUCKET_NAME: Symbol.for('Revisions_S3_BACKUP_BUCKET_NAME'),
+  Revisions_NEW_RELIC_ENABLED: Symbol.for('Revisions_NEW_RELIC_ENABLED'),
+  Revisions_VERSION: Symbol.for('Revisions_VERSION'),
  // use cases
-  GetRevisionsMetada: Symbol.for('GetRevisionsMetada'),
-  GetRevision: Symbol.for('GetRevision'),
-  DeleteRevision: Symbol.for('DeleteRevision'),
-  CopyRevisions: Symbol.for('CopyRevisions'),
-  GetRequiredRoleToViewRevision: Symbol.for('GetRequiredRoleToViewRevision'),
+  Revisions_GetRevisionsMetada: Symbol.for('Revisions_GetRevisionsMetada'),
+  Revisions_GetRevision: Symbol.for('Revisions_GetRevision'),
+  Revisions_DeleteRevision: Symbol.for('Revisions_DeleteRevision'),
+  Revisions_CopyRevisions: Symbol.for('Revisions_CopyRevisions'),
+  Revisions_GetRequiredRoleToViewRevision: Symbol.for('Revisions_GetRequiredRoleToViewRevision'),
  // Controller
-  RevisionsController: Symbol.for('RevisionsController'),
-  ApiGatewayAuthMiddleware: Symbol.for('ApiGatewayAuthMiddleware'),
+  Revisions_ControllerContainer: Symbol.for('Revisions_ControllerContainer'),
+  Revisions_RevisionsController: Symbol.for('Revisions_RevisionsController'),
+  Revisions_ApiGatewayAuthMiddleware: Symbol.for('Revisions_ApiGatewayAuthMiddleware'),
  // Handlers
-  ItemDumpedEventHandler: Symbol.for('ItemDumpedEventHandler'),
-  AccountDeletionRequestedEventHandler: Symbol.for('AccountDeletionRequestedEventHandler'),
-  RevisionsCopyRequestedEventHandler: Symbol.for('RevisionsCopyRequestedEventHandler'),
+  Revisions_ItemDumpedEventHandler: Symbol.for('Revisions_ItemDumpedEventHandler'),
+  Revisions_AccountDeletionRequestedEventHandler: Symbol.for('Revisions_AccountDeletionRequestedEventHandler'),
+  Revisions_RevisionsCopyRequestedEventHandler: Symbol.for('Revisions_RevisionsCopyRequestedEventHandler'),
  // Services
-  CrossServiceTokenDecoder: Symbol.for('CrossServiceTokenDecoder'),
-  DomainEventSubscriberFactory: Symbol.for('DomainEventSubscriberFactory'),
-  DomainEventMessageHandler: Symbol.for('DomainEventMessageHandler'),
-  Timer: Symbol.for('Timer'),
+  Revisions_CrossServiceTokenDecoder: Symbol.for('Revisions_CrossServiceTokenDecoder'),
+  Revisions_DomainEventSubscriberFactory: Symbol.for('Revisions_DomainEventSubscriberFactory'),
+  Revisions_DomainEventMessageHandler: Symbol.for('Revisions_DomainEventMessageHandler'),
+  Revisions_Timer: Symbol.for('Revisions_Timer'),
+  // Inversify Express Controllers
+  Revisions_InversifyExpressRevisionsController: Symbol.for('Revisions_InversifyExpressRevisionsController'),
 }

 export default TYPES
@@ -1,155 +0,0 @@
-import { SQSClient, SQSClientConfig } from '@aws-sdk/client-sqs'
-import { S3Client } from '@aws-sdk/client-s3'
-import { Container, interfaces } from 'inversify'
-import {
-  DomainEventHandlerInterface,
-  DomainEventMessageHandlerInterface,
-  DomainEventSubscriberFactoryInterface,
-} from '@standardnotes/domain-events'
-import {
-  SQSDomainEventSubscriberFactory,
-  SQSEventMessageHandler,
-  SQSNewRelicEventMessageHandler,
-} from '@standardnotes/domain-events-infra'
-import { MapperInterface } from '@standardnotes/domain-core'
-
-import TYPES from './Types'
-import { Revision } from '../Domain/Revision/Revision'
-import { RevisionItemStringMapper } from '../Mapping/RevisionItemStringMapper'
-import { ItemDumpedEventHandler } from '../Domain/Handler/ItemDumpedEventHandler'
-import { DumpRepositoryInterface } from '../Domain/Dump/DumpRepositoryInterface'
-import { S3DumpRepository } from '../Infra/S3/S3ItemDumpRepository'
-import { FSDumpRepository } from '../Infra/FS/FSDumpRepository'
-import { AccountDeletionRequestedEventHandler } from '../Domain/Handler/AccountDeletionRequestedEventHandler'
-import { RevisionsCopyRequestedEventHandler } from '../Domain/Handler/RevisionsCopyRequestedEventHandler'
-import { CopyRevisions } from '../Domain/UseCase/CopyRevisions/CopyRevisions'
-import { CommonContainerConfigLoader } from './CommonContainerConfigLoader'
-import { Env } from './Env'
-
-export class WorkerContainerConfigLoader extends CommonContainerConfigLoader {
-  override async load(): Promise<Container> {
-    const container = await super.load()
-
-    const env: Env = container.get(TYPES.Env)
-
-    container.bind<SQSClient>(TYPES.SQS).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      const sqsConfig: SQSClientConfig = {
-        region: env.get('SQS_AWS_REGION'),
-      }
-      if (env.get('SQS_ENDPOINT', true)) {
-        sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
-      }
-      if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
-        sqsConfig.credentials = {
-          accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
-          secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
-        }
-      }
-
-      return new SQSClient(sqsConfig)
-    })
-
-    container.bind<S3Client | undefined>(TYPES.S3).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      let s3Client = undefined
-      if (env.get('S3_AWS_REGION', true)) {
-        s3Client = new S3Client({
-          apiVersion: 'latest',
-          region: env.get('S3_AWS_REGION', true),
-        })
-      }
-
-      return s3Client
-    })
-
-    // Map
-    container
-      .bind<MapperInterface<Revision, string>>(TYPES.RevisionItemStringMapper)
-      .toDynamicValue(() => new RevisionItemStringMapper())
-
-    // env vars
-    container.bind(TYPES.SQS_QUEUE_URL).toConstantValue(env.get('SQS_QUEUE_URL'))
-    container.bind(TYPES.S3_AWS_REGION).toConstantValue(env.get('S3_AWS_REGION', true))
-    container.bind(TYPES.S3_BACKUP_BUCKET_NAME).toConstantValue(env.get('S3_BACKUP_BUCKET_NAME', true))
-
-    container.bind<DumpRepositoryInterface>(TYPES.DumpRepository).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      if (env.get('S3_AWS_REGION', true)) {
-        return new S3DumpRepository(
-          context.container.get(TYPES.S3_BACKUP_BUCKET_NAME),
-          context.container.get(TYPES.S3),
-          context.container.get(TYPES.RevisionItemStringMapper),
-          context.container.get(TYPES.Logger),
-        )
-      } else {
-        return new FSDumpRepository(context.container.get(TYPES.RevisionItemStringMapper))
-      }
-    })
-
-    // use cases
-    container.bind<CopyRevisions>(TYPES.CopyRevisions).toDynamicValue((context: interfaces.Context) => {
-      return new CopyRevisions(context.container.get(TYPES.RevisionRepository))
-    })
-
-    // Handlers
-    container
-      .bind<ItemDumpedEventHandler>(TYPES.ItemDumpedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemDumpedEventHandler(
-          context.container.get(TYPES.DumpRepository),
-          context.container.get(TYPES.RevisionRepository),
-        )
-      })
-    container
-      .bind<AccountDeletionRequestedEventHandler>(TYPES.AccountDeletionRequestedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new AccountDeletionRequestedEventHandler(
-          context.container.get(TYPES.RevisionRepository),
-          context.container.get(TYPES.Logger),
-        )
-      })
-    container
-      .bind<RevisionsCopyRequestedEventHandler>(TYPES.RevisionsCopyRequestedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new RevisionsCopyRequestedEventHandler(
-          context.container.get(TYPES.CopyRevisions),
-          context.container.get(TYPES.Logger),
-        )
-      })
-
-    container
-      .bind<DomainEventMessageHandlerInterface>(TYPES.DomainEventMessageHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        const env: Env = context.container.get(TYPES.Env)
-
-        const eventHandlers: Map<string, DomainEventHandlerInterface> = new Map([
-          ['ITEM_DUMPED', context.container.get(TYPES.ItemDumpedEventHandler)],
-          ['ACCOUNT_DELETION_REQUESTED', context.container.get(TYPES.AccountDeletionRequestedEventHandler)],
-          ['REVISIONS_COPY_REQUESTED', context.container.get(TYPES.RevisionsCopyRequestedEventHandler)],
-        ])
-
-        const handler =
-          env.get('NEW_RELIC_ENABLED', true) === 'true'
-            ? new SQSNewRelicEventMessageHandler(eventHandlers, context.container.get(TYPES.Logger))
-            : new SQSEventMessageHandler(eventHandlers, context.container.get(TYPES.Logger))
-
-        return handler
-      })
-
-    container
-      .bind<DomainEventSubscriberFactoryInterface>(TYPES.DomainEventSubscriberFactory)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SQSDomainEventSubscriberFactory(
-          context.container.get(TYPES.SQS),
-          context.container.get(TYPES.SQS_QUEUE_URL),
-          context.container.get(TYPES.DomainEventMessageHandler),
-        )
-      })
-
-    return container
-  }
-}
@@ -0,0 +1 @@
+export * from './Service'
@@ -1,14 +1,22 @@
 import { Request, Response } from 'express'
 import { BaseHttpController, controller, httpDelete, httpGet, results } from 'inversify-express-utils'
 import { inject } from 'inversify'
+import { ControllerContainerInterface } from '@standardnotes/domain-core'

 import TYPES from '../../Bootstrap/Types'
 import { RevisionsController } from '../../Controller/RevisionsController'

-@controller('/items/:itemUuid/revisions', TYPES.ApiGatewayAuthMiddleware)
+@controller('/items/:itemUuid/revisions', TYPES.Revisions_ApiGatewayAuthMiddleware)
 export class InversifyExpressRevisionsController extends BaseHttpController {
-  constructor(@inject(TYPES.RevisionsController) private revisionsController: RevisionsController) {
+  constructor(
+    @inject(TYPES.Revisions_RevisionsController) private revisionsController: RevisionsController,
+    @inject(TYPES.Revisions_ControllerContainer) private controllerContainer: ControllerContainerInterface,
+  ) {
    super()
+
+    this.controllerContainer.register('revisions.revisions.getRevisions', this.getRevisions.bind(this))
+    this.controllerContainer.register('revisions.revisions.getRevision', this.getRevision.bind(this))
+    this.controllerContainer.register('revisions.revisions.deleteRevision', this.deleteRevision.bind(this))
  }

  @httpGet('/')
@@ -12,7 +12,10 @@ export class RevisionMetadataPersistenceMapper implements MapperInterface<Revisi
    }
    const contentType = contentTypeOrError.getValue()

-    const datesOrError = Dates.create(projection.createdAt, projection.updatedAt)
+    const createdAt = projection.createdAt instanceof Date ? projection.createdAt : new Date(projection.createdAt)
+    const updatedAt = projection.updatedAt instanceof Date ? projection.updatedAt : new Date(projection.updatedAt)
+
+    const datesOrError = Dates.create(createdAt, updatedAt)
    if (datesOrError.isFailed()) {
      throw new Error(`Could not create dates: ${datesOrError.getError()}`)
    }
@@ -0,0 +1 @@
+export * from './Bootstrap'
@@ -3,6 +3,16 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.1](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.37.0...@standardnotes/syncing-server@1.37.1) (2023-05-18)
+
+**Note:** Version bump only for package @standardnotes/syncing-server
+
+# [1.37.0](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.36.0...@standardnotes/syncing-server@1.37.0) (2023-05-17)
+
+### Features
+
+* bundle syncing server into home server setup ([#611](https://github.com/standardnotes/syncing-server-js/issues/611)) ([b3b617e](https://github.com/standardnotes/syncing-server-js/commit/b3b617ea0b4f4574f6aa7cfae0e9fa8f868f1f4c))
+
 # [1.36.0](https://github.com/standardnotes/syncing-server-js/compare/@standardnotes/syncing-server@1.35.4...@standardnotes/syncing-server@1.36.0) (2023-05-17)

 ### Features
@@ -2,8 +2,8 @@ import 'reflect-metadata'

 import 'newrelic'

-import '../src/Controller/HealthCheckController'
-import '../src/Controller/ItemsController'
+import '../src/Infra/InversifyExpressUtils/InversifyExpressHealthCheckController'
+import '../src/Infra/InversifyExpressUtils/InversifyExpressItemsController'

 import helmet from 'helmet'
 import * as cors from 'cors'
@@ -13,9 +13,9 @@ import * as winston from 'winston'
 import { InversifyExpressServer } from 'inversify-express-utils'
 import TYPES from '../src/Bootstrap/Types'
 import { Env } from '../src/Bootstrap/Env'
-import { ServerContainerConfigLoader } from '../src/Bootstrap/ServerContainerConfigLoader'
+import { ContainerConfigLoader } from '../src/Bootstrap/Container'

-const container = new ServerContainerConfigLoader()
+const container = new ContainerConfigLoader()
 void container.load().then((container) => {
  const env: Env = new Env()
  env.load()
@@ -24,7 +24,7 @@ void container.load().then((container) => {

  server.setConfig((app) => {
    app.use((_request: Request, response: Response, next: NextFunction) => {
-      response.setHeader('X-SSJS-Version', container.get(TYPES.VERSION))
+      response.setHeader('X-SSJS-Version', container.get(TYPES.Sync_VERSION))
      next()
    })
    /* eslint-disable */
@@ -54,7 +54,7 @@ void container.load().then((container) => {
    app.use(cors())
  })

-  const logger: winston.Logger = container.get(TYPES.Logger)
+  const logger: winston.Logger = container.get(TYPES.Sync_Logger)

  server.setErrorConfig((app) => {
    app.use((error: Record<string, unknown>, _request: Request, response: Response, _next: NextFunction) => {
@@ -7,18 +7,20 @@ import { Logger } from 'winston'
 import TYPES from '../src/Bootstrap/Types'
 import { Env } from '../src/Bootstrap/Env'
 import { DomainEventSubscriberFactoryInterface } from '@standardnotes/domain-events'
-import { WorkerContainerConfigLoader } from '../src/Bootstrap/WorkerContainerConfigLoader'
+import { ContainerConfigLoader } from '../src/Bootstrap/Container'

-const container = new WorkerContainerConfigLoader()
+const container = new ContainerConfigLoader()
 void container.load().then((container) => {
  const env: Env = new Env()
  env.load()

-  const logger: Logger = container.get(TYPES.Logger)
+  const logger: Logger = container.get(TYPES.Sync_Logger)

  logger.info('Starting worker...')

-  const subscriberFactory: DomainEventSubscriberFactoryInterface = container.get(TYPES.DomainEventSubscriberFactory)
+  const subscriberFactory: DomainEventSubscriberFactoryInterface = container.get(
+    TYPES.Sync_DomainEventSubscriberFactory,
+  )
  subscriberFactory.create().start()

  setInterval(() => logger.info('Alive and kicking!'), 20 * 60 * 1000)
@@ -1,6 +1,6 @@
 {
  "name": "@standardnotes/syncing-server",
-  "version": "1.36.0",
+  "version": "1.37.1",
  "engines": {
    "node": ">=18.0.0 <21.0.0"
  },
@@ -1,119 +0,0 @@
-import * as winston from 'winston'
-import { Container, interfaces } from 'inversify'
-
-import { Env } from './Env'
-import TYPES from './Types'
-import { AppDataSource } from './DataSource'
-import { SNSClient, SNSClientConfig } from '@aws-sdk/client-sns'
-import { ItemRepositoryInterface } from '../Domain/Item/ItemRepositoryInterface'
-import { TypeORMItemRepository } from '../Infra/TypeORM/TypeORMItemRepository'
-import { Repository } from 'typeorm'
-import { Item } from '../Domain/Item/Item'
-import { ItemProjection } from '../Projection/ItemProjection'
-import { ProjectorInterface } from '../Projection/ProjectorInterface'
-import { ItemProjector } from '../Projection/ItemProjector'
-import { SNSDomainEventPublisher } from '@standardnotes/domain-events-infra'
-import { DomainEventFactoryInterface } from '../Domain/Event/DomainEventFactoryInterface'
-import { DomainEventFactory } from '../Domain/Event/DomainEventFactory'
-import { Timer, TimerInterface } from '@standardnotes/time'
-import { ItemTransferCalculatorInterface } from '../Domain/Item/ItemTransferCalculatorInterface'
-import { ItemTransferCalculator } from '../Domain/Item/ItemTransferCalculator'
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const newrelicFormatter = require('@newrelic/winston-enricher')
-
-export class CommonContainerConfigLoader {
-  async load(): Promise<Container> {
-    const env: Env = new Env()
-    env.load()
-
-    const container = new Container({
-      defaultScope: 'Singleton',
-    })
-
-    await AppDataSource.initialize()
-
-    container.bind<Env>(TYPES.Env).toConstantValue(env)
-
-    container.bind<winston.Logger>(TYPES.Logger).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      const newrelicWinstonFormatter = newrelicFormatter(winston)
-      const winstonFormatters = [winston.format.splat(), winston.format.json()]
-      if (env.get('NEW_RELIC_ENABLED', true) === 'true') {
-        winstonFormatters.push(newrelicWinstonFormatter())
-      }
-
-      const logger = winston.createLogger({
-        level: env.get('LOG_LEVEL') || 'info',
-        format: winston.format.combine(...winstonFormatters),
-        transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
-      })
-
-      return logger
-    })
-
-    container.bind<SNSClient>(TYPES.SNS).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      const snsConfig: SNSClientConfig = {
-        apiVersion: 'latest',
-        region: env.get('SNS_AWS_REGION', true),
-      }
-      if (env.get('SNS_ENDPOINT', true)) {
-        snsConfig.endpoint = env.get('SNS_ENDPOINT', true)
-      }
-      if (env.get('SNS_ACCESS_KEY_ID', true) && env.get('SNS_SECRET_ACCESS_KEY', true)) {
-        snsConfig.credentials = {
-          accessKeyId: env.get('SNS_ACCESS_KEY_ID', true),
-          secretAccessKey: env.get('SNS_SECRET_ACCESS_KEY', true),
-        }
-      }
-
-      return new SNSClient(snsConfig)
-    })
-
-    // Repositories
-    container.bind<ItemRepositoryInterface>(TYPES.ItemRepository).toDynamicValue((context: interfaces.Context) => {
-      return new TypeORMItemRepository(context.container.get(TYPES.ORMItemRepository))
-    })
-
-    // ORM
-    container.bind<Repository<Item>>(TYPES.ORMItemRepository).toDynamicValue(() => AppDataSource.getRepository(Item))
-
-    // Projectors
-    container
-      .bind<ProjectorInterface<Item, ItemProjection>>(TYPES.ItemProjector)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemProjector(context.container.get(TYPES.Timer))
-      })
-
-    // env vars
-    container.bind(TYPES.SNS_TOPIC_ARN).toConstantValue(env.get('SNS_TOPIC_ARN'))
-    container.bind(TYPES.SNS_AWS_REGION).toConstantValue(env.get('SNS_AWS_REGION', true))
-
-    container.bind<TimerInterface>(TYPES.Timer).toDynamicValue(() => new Timer())
-
-    container
-      .bind<SNSDomainEventPublisher>(TYPES.DomainEventPublisher)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SNSDomainEventPublisher(context.container.get(TYPES.SNS), context.container.get(TYPES.SNS_TOPIC_ARN))
-      })
-
-    container
-      .bind<DomainEventFactoryInterface>(TYPES.DomainEventFactory)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new DomainEventFactory(context.container.get(TYPES.Timer))
-      })
-
-    container
-      .bind<ItemTransferCalculatorInterface>(TYPES.ItemTransferCalculator)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemTransferCalculator(
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.Logger),
-        )
-      })
-
-    return container
-  }
-}
@@ -0,0 +1,517 @@
+import * as winston from 'winston'
+import { Container, interfaces } from 'inversify'
+
+import { Env } from './Env'
+import TYPES from './Types'
+import { AppDataSource } from './DataSource'
+import { SNSClient, SNSClientConfig } from '@aws-sdk/client-sns'
+import { ItemRepositoryInterface } from '../Domain/Item/ItemRepositoryInterface'
+import { TypeORMItemRepository } from '../Infra/TypeORM/TypeORMItemRepository'
+import { Repository } from 'typeorm'
+import { Item } from '../Domain/Item/Item'
+import { ItemProjection } from '../Projection/ItemProjection'
+import { ProjectorInterface } from '../Projection/ProjectorInterface'
+import { ItemProjector } from '../Projection/ItemProjector'
+import {
+  DirectCallDomainEventPublisher,
+  DirectCallEventMessageHandler,
+  SNSDomainEventPublisher,
+  SQSDomainEventSubscriberFactory,
+  SQSEventMessageHandler,
+  SQSNewRelicEventMessageHandler,
+} from '@standardnotes/domain-events-infra'
+import { DomainEventFactoryInterface } from '../Domain/Event/DomainEventFactoryInterface'
+import { DomainEventFactory } from '../Domain/Event/DomainEventFactory'
+import { Timer, TimerInterface } from '@standardnotes/time'
+import { ItemTransferCalculatorInterface } from '../Domain/Item/ItemTransferCalculatorInterface'
+import { ItemTransferCalculator } from '../Domain/Item/ItemTransferCalculator'
+import { ItemConflict } from '../Domain/Item/ItemConflict'
+import { ItemFactory } from '../Domain/Item/ItemFactory'
+import { ItemFactoryInterface } from '../Domain/Item/ItemFactoryInterface'
+import { ItemService } from '../Domain/Item/ItemService'
+import { ItemServiceInterface } from '../Domain/Item/ItemServiceInterface'
+import { ContentFilter } from '../Domain/Item/SaveRule/ContentFilter'
+import { ContentTypeFilter } from '../Domain/Item/SaveRule/ContentTypeFilter'
+import { OwnershipFilter } from '../Domain/Item/SaveRule/OwnershipFilter'
+import { TimeDifferenceFilter } from '../Domain/Item/SaveRule/TimeDifferenceFilter'
+import { UuidFilter } from '../Domain/Item/SaveRule/UuidFilter'
+import { ItemSaveValidator } from '../Domain/Item/SaveValidator/ItemSaveValidator'
+import { ItemSaveValidatorInterface } from '../Domain/Item/SaveValidator/ItemSaveValidatorInterface'
+import { SyncResponseFactory20161215 } from '../Domain/Item/SyncResponse/SyncResponseFactory20161215'
+import { SyncResponseFactory20200115 } from '../Domain/Item/SyncResponse/SyncResponseFactory20200115'
+import { SyncResponseFactoryResolver } from '../Domain/Item/SyncResponse/SyncResponseFactoryResolver'
+import { SyncResponseFactoryResolverInterface } from '../Domain/Item/SyncResponse/SyncResponseFactoryResolverInterface'
+import { CheckIntegrity } from '../Domain/UseCase/CheckIntegrity/CheckIntegrity'
+import { GetItem } from '../Domain/UseCase/GetItem/GetItem'
+import { SyncItems } from '../Domain/UseCase/SyncItems'
+import { InversifyExpressAuthMiddleware } from '../Infra/InversifyExpressUtils/Middleware/InversifyExpressAuthMiddleware'
+import { ItemConflictProjection } from '../Projection/ItemConflictProjection'
+import { ItemConflictProjector } from '../Projection/ItemConflictProjector'
+import { SavedItemProjection } from '../Projection/SavedItemProjection'
+import { SavedItemProjector } from '../Projection/SavedItemProjector'
+import { S3Client } from '@aws-sdk/client-s3'
+import { SQSClient, SQSClientConfig } from '@aws-sdk/client-sqs'
+import { ContentDecoder } from '@standardnotes/common'
+import {
+  DomainEventMessageHandlerInterface,
+  DomainEventHandlerInterface,
+  DomainEventSubscriberFactoryInterface,
+  DomainEventPublisherInterface,
+} from '@standardnotes/domain-events'
+import axios, { AxiosInstance } from 'axios'
+import { AuthHttpServiceInterface } from '../Domain/Auth/AuthHttpServiceInterface'
+import { ExtensionsHttpService } from '../Domain/Extension/ExtensionsHttpService'
+import { ExtensionsHttpServiceInterface } from '../Domain/Extension/ExtensionsHttpServiceInterface'
+import { AccountDeletionRequestedEventHandler } from '../Domain/Handler/AccountDeletionRequestedEventHandler'
+import { DuplicateItemSyncedEventHandler } from '../Domain/Handler/DuplicateItemSyncedEventHandler'
+import { EmailBackupRequestedEventHandler } from '../Domain/Handler/EmailBackupRequestedEventHandler'
+import { ItemRevisionCreationRequestedEventHandler } from '../Domain/Handler/ItemRevisionCreationRequestedEventHandler'
+import { ItemBackupServiceInterface } from '../Domain/Item/ItemBackupServiceInterface'
+import { FSItemBackupService } from '../Infra/FS/FSItemBackupService'
+import { AuthHttpService } from '../Infra/HTTP/AuthHttpService'
+import { S3ItemBackupService } from '../Infra/S3/S3ItemBackupService'
+import { ControllerContainer, ControllerContainerInterface } from '@standardnotes/domain-core'
+import { InversifyExpressItemsController } from '../Infra/InversifyExpressUtils/InversifyExpressItemsController'
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const newrelicFormatter = require('@newrelic/winston-enricher')
+
+export class ContainerConfigLoader {
+  private readonly DEFAULT_CONTENT_SIZE_TRANSFER_LIMIT = 10_000_000
+  private readonly DEFAULT_MAX_ITEMS_LIMIT = 300
+  private readonly DEFAULT_FILE_UPLOAD_PATH = `${__dirname}/../../uploads`
+
+  async load(configuration?: {
+    controllerConatiner?: ControllerContainerInterface
+    directCallDomainEventPublisher?: DirectCallDomainEventPublisher
+  }): Promise<Container> {
+    const directCallDomainEventPublisher =
+      configuration?.directCallDomainEventPublisher ?? new DirectCallDomainEventPublisher()
+
+    const env: Env = new Env()
+    env.load()
+
+    const container = new Container({
+      defaultScope: 'Singleton',
+    })
+
+    await AppDataSource.initialize()
+
+    const isConfiguredForHomeServer = env.get('DB_TYPE') === 'sqlite'
+
+    container.bind<Env>(TYPES.Sync_Env).toConstantValue(env)
+
+    container.bind<winston.Logger>(TYPES.Sync_Logger).toDynamicValue((context: interfaces.Context) => {
+      const env: Env = context.container.get(TYPES.Sync_Env)
+
+      const newrelicWinstonFormatter = newrelicFormatter(winston)
+      const winstonFormatters = [winston.format.splat(), winston.format.json()]
+      if (env.get('NEW_RELIC_ENABLED', true) === 'true') {
+        winstonFormatters.push(newrelicWinstonFormatter())
+      }
+
+      const logger = winston.createLogger({
+        level: env.get('LOG_LEVEL') || 'info',
+        format: winston.format.combine(...winstonFormatters),
+        transports: [new winston.transports.Console({ level: env.get('LOG_LEVEL') || 'info' })],
+        defaultMeta: { service: 'syncing-server' },
+      })
+
+      return logger
+    })
+
+    if (isConfiguredForHomeServer) {
+      container
+        .bind<DomainEventPublisherInterface>(TYPES.Sync_DomainEventPublisher)
+        .toConstantValue(directCallDomainEventPublisher)
+    } else {
+      container.bind(TYPES.Sync_SNS_TOPIC_ARN).toConstantValue(env.get('SNS_TOPIC_ARN'))
+      container.bind(TYPES.Sync_SNS_AWS_REGION).toConstantValue(env.get('SNS_AWS_REGION', true))
+      container.bind(TYPES.Sync_SQS_QUEUE_URL).toConstantValue(env.get('SQS_QUEUE_URL'))
+      container.bind(TYPES.Sync_S3_AWS_REGION).toConstantValue(env.get('S3_AWS_REGION', true))
+      container.bind(TYPES.Sync_S3_BACKUP_BUCKET_NAME).toConstantValue(env.get('S3_BACKUP_BUCKET_NAME', true))
+      container.bind(TYPES.Sync_EXTENSIONS_SERVER_URL).toConstantValue(env.get('EXTENSIONS_SERVER_URL', true))
+
+      container.bind<SNSClient>(TYPES.Sync_SNS).toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Sync_Env)
+
+        const snsConfig: SNSClientConfig = {
+          apiVersion: 'latest',
+          region: env.get('SNS_AWS_REGION', true),
+        }
+        if (env.get('SNS_ENDPOINT', true)) {
+          snsConfig.endpoint = env.get('SNS_ENDPOINT', true)
+        }
+        if (env.get('SNS_ACCESS_KEY_ID', true) && env.get('SNS_SECRET_ACCESS_KEY', true)) {
+          snsConfig.credentials = {
+            accessKeyId: env.get('SNS_ACCESS_KEY_ID', true),
+            secretAccessKey: env.get('SNS_SECRET_ACCESS_KEY', true),
+          }
+        }
+
+        return new SNSClient(snsConfig)
+      })
+
+      container
+        .bind<DomainEventPublisherInterface>(TYPES.Sync_DomainEventPublisher)
+        .toDynamicValue((context: interfaces.Context) => {
+          return new SNSDomainEventPublisher(
+            context.container.get(TYPES.Sync_SNS),
+            context.container.get(TYPES.Sync_SNS_TOPIC_ARN),
+          )
+        })
+
+      container.bind<SQSClient>(TYPES.Sync_SQS).toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Sync_Env)
+
+        const sqsConfig: SQSClientConfig = {
+          region: env.get('SQS_AWS_REGION'),
+        }
+        if (env.get('SQS_ENDPOINT', true)) {
+          sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
+        }
+        if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
+          sqsConfig.credentials = {
+            accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
+            secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
+          }
+        }
+
+        return new SQSClient(sqsConfig)
+      })
+
+      container.bind<S3Client | undefined>(TYPES.Sync_S3).toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Sync_Env)
+
+        let s3Client = undefined
+        if (env.get('S3_AWS_REGION', true)) {
+          s3Client = new S3Client({
+            apiVersion: 'latest',
+            region: env.get('S3_AWS_REGION', true),
+          })
+        }
+
+        return s3Client
+      })
+    }
+
+    // Repositories
+    container.bind<ItemRepositoryInterface>(TYPES.Sync_ItemRepository).toDynamicValue((context: interfaces.Context) => {
+      return new TypeORMItemRepository(context.container.get(TYPES.Sync_ORMItemRepository))
+    })
+
+    // ORM
+    container
+      .bind<Repository<Item>>(TYPES.Sync_ORMItemRepository)
+      .toDynamicValue(() => AppDataSource.getRepository(Item))
+
+    // Projectors
+    container
+      .bind<ProjectorInterface<Item, ItemProjection>>(TYPES.Sync_ItemProjector)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemProjector(context.container.get(TYPES.Sync_Timer))
+      })
+
+    container.bind<TimerInterface>(TYPES.Sync_Timer).toDynamicValue(() => new Timer())
+
+    container
+      .bind<DomainEventFactoryInterface>(TYPES.Sync_DomainEventFactory)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new DomainEventFactory(context.container.get(TYPES.Sync_Timer))
+      })
+
+    container
+      .bind<ItemTransferCalculatorInterface>(TYPES.Sync_ItemTransferCalculator)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemTransferCalculator(
+          context.container.get(TYPES.Sync_ItemRepository),
+          context.container.get(TYPES.Sync_Logger),
+        )
+      })
+
+    // Middleware
+    container
+      .bind<InversifyExpressAuthMiddleware>(TYPES.Sync_AuthMiddleware)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new InversifyExpressAuthMiddleware(
+          context.container.get(TYPES.Sync_AUTH_JWT_SECRET),
+          context.container.get(TYPES.Sync_Logger),
+        )
+      })
+
+    // Projectors
+    container
+      .bind<ProjectorInterface<Item, SavedItemProjection>>(TYPES.Sync_SavedItemProjector)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new SavedItemProjector(context.container.get(TYPES.Sync_Timer))
+      })
+    container
+      .bind<ProjectorInterface<ItemConflict, ItemConflictProjection>>(TYPES.Sync_ItemConflictProjector)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemConflictProjector(context.container.get(TYPES.Sync_ItemProjector))
+      })
+
+    // env vars
+    container.bind(TYPES.Sync_AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
+    container
+      .bind(TYPES.Sync_REVISIONS_FREQUENCY)
+      .toConstantValue(env.get('REVISIONS_FREQUENCY', true) ? +env.get('REVISIONS_FREQUENCY', true) : 300)
+    container.bind(TYPES.Sync_NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
+    container.bind(TYPES.Sync_VERSION).toConstantValue(env.get('VERSION', true) ?? 'development')
+    container
+      .bind(TYPES.Sync_CONTENT_SIZE_TRANSFER_LIMIT)
+      .toConstantValue(
+        env.get('CONTENT_SIZE_TRANSFER_LIMIT', true)
+          ? +env.get('CONTENT_SIZE_TRANSFER_LIMIT', true)
+          : this.DEFAULT_CONTENT_SIZE_TRANSFER_LIMIT,
+      )
+    container
+      .bind(TYPES.Sync_MAX_ITEMS_LIMIT)
+      .toConstantValue(
+        env.get('MAX_ITEMS_LIMIT', true) ? +env.get('MAX_ITEMS_LIMIT', true) : this.DEFAULT_MAX_ITEMS_LIMIT,
+      )
+
+    // use cases
+    container.bind<SyncItems>(TYPES.Sync_SyncItems).toDynamicValue((context: interfaces.Context) => {
+      return new SyncItems(context.container.get(TYPES.Sync_ItemService))
+    })
+    container.bind<CheckIntegrity>(TYPES.Sync_CheckIntegrity).toDynamicValue((context: interfaces.Context) => {
+      return new CheckIntegrity(context.container.get(TYPES.Sync_ItemRepository))
+    })
+    container.bind<GetItem>(TYPES.Sync_GetItem).toDynamicValue((context: interfaces.Context) => {
+      return new GetItem(context.container.get(TYPES.Sync_ItemRepository))
+    })
+
+    // Services
+    container.bind<ItemServiceInterface>(TYPES.Sync_ItemService).toDynamicValue((context: interfaces.Context) => {
+      return new ItemService(
+        context.container.get(TYPES.Sync_ItemSaveValidator),
+        context.container.get(TYPES.Sync_ItemFactory),
+        context.container.get(TYPES.Sync_ItemRepository),
+        context.container.get(TYPES.Sync_DomainEventPublisher),
+        context.container.get(TYPES.Sync_DomainEventFactory),
+        context.container.get(TYPES.Sync_REVISIONS_FREQUENCY),
+        context.container.get(TYPES.Sync_CONTENT_SIZE_TRANSFER_LIMIT),
+        context.container.get(TYPES.Sync_ItemTransferCalculator),
+        context.container.get(TYPES.Sync_Timer),
+        context.container.get(TYPES.Sync_ItemProjector),
+        context.container.get(TYPES.Sync_MAX_ITEMS_LIMIT),
+        context.container.get(TYPES.Sync_Logger),
+      )
+    })
+    container
+      .bind<SyncResponseFactory20161215>(TYPES.Sync_SyncResponseFactory20161215)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new SyncResponseFactory20161215(context.container.get(TYPES.Sync_ItemProjector))
+      })
+    container
+      .bind<SyncResponseFactory20200115>(TYPES.Sync_SyncResponseFactory20200115)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new SyncResponseFactory20200115(
+          context.container.get(TYPES.Sync_ItemProjector),
+          context.container.get(TYPES.Sync_ItemConflictProjector),
+          context.container.get(TYPES.Sync_SavedItemProjector),
+        )
+      })
+    container
+      .bind<SyncResponseFactoryResolverInterface>(TYPES.Sync_SyncResponseFactoryResolver)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new SyncResponseFactoryResolver(
+          context.container.get(TYPES.Sync_SyncResponseFactory20161215),
+          context.container.get(TYPES.Sync_SyncResponseFactory20200115),
+        )
+      })
+
+    container.bind<ItemFactoryInterface>(TYPES.Sync_ItemFactory).toDynamicValue((context: interfaces.Context) => {
+      return new ItemFactory(context.container.get(TYPES.Sync_Timer), context.container.get(TYPES.Sync_ItemProjector))
+    })
+
+    container.bind<OwnershipFilter>(TYPES.Sync_OwnershipFilter).toDynamicValue(() => new OwnershipFilter())
+    container
+      .bind<TimeDifferenceFilter>(TYPES.Sync_TimeDifferenceFilter)
+      .toDynamicValue(
+        (context: interfaces.Context) => new TimeDifferenceFilter(context.container.get(TYPES.Sync_Timer)),
+      )
+    container.bind<UuidFilter>(TYPES.Sync_UuidFilter).toDynamicValue(() => new UuidFilter())
+    container.bind<ContentTypeFilter>(TYPES.Sync_ContentTypeFilter).toDynamicValue(() => new ContentTypeFilter())
+    container.bind<ContentFilter>(TYPES.Sync_ContentFilter).toDynamicValue(() => new ContentFilter())
+
+    container
+      .bind<ItemSaveValidatorInterface>(TYPES.Sync_ItemSaveValidator)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemSaveValidator([
+          context.container.get(TYPES.Sync_OwnershipFilter),
+          context.container.get(TYPES.Sync_TimeDifferenceFilter),
+          context.container.get(TYPES.Sync_UuidFilter),
+          context.container.get(TYPES.Sync_ContentTypeFilter),
+          context.container.get(TYPES.Sync_ContentFilter),
+        ])
+      })
+
+    // env vars
+    container
+      .bind(TYPES.Sync_EMAIL_ATTACHMENT_MAX_BYTE_SIZE)
+      .toConstantValue(
+        env.get('EMAIL_ATTACHMENT_MAX_BYTE_SIZE', true) ? +env.get('EMAIL_ATTACHMENT_MAX_BYTE_SIZE', true) : 10485760,
+      )
+    container.bind(TYPES.Sync_NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
+    container
+      .bind(TYPES.Sync_FILE_UPLOAD_PATH)
+      .toConstantValue(
+        env.get('FILE_UPLOAD_PATH', true) ? env.get('FILE_UPLOAD_PATH', true) : this.DEFAULT_FILE_UPLOAD_PATH,
+      )
+
+    // Handlers
+    container
+      .bind<DuplicateItemSyncedEventHandler>(TYPES.Sync_DuplicateItemSyncedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new DuplicateItemSyncedEventHandler(
+          context.container.get(TYPES.Sync_ItemRepository),
+          context.container.get(TYPES.Sync_DomainEventFactory),
+          context.container.get(TYPES.Sync_DomainEventPublisher),
+          context.container.get(TYPES.Sync_Logger),
+        )
+      })
+    container
+      .bind<AccountDeletionRequestedEventHandler>(TYPES.Sync_AccountDeletionRequestedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new AccountDeletionRequestedEventHandler(
+          context.container.get(TYPES.Sync_ItemRepository),
+          context.container.get(TYPES.Sync_Logger),
+        )
+      })
+    container
+      .bind<ItemRevisionCreationRequestedEventHandler>(TYPES.Sync_ItemRevisionCreationRequestedEventHandler)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ItemRevisionCreationRequestedEventHandler(
+          context.container.get(TYPES.Sync_ItemRepository),
+          context.container.get(TYPES.Sync_ItemBackupService),
+          context.container.get(TYPES.Sync_DomainEventFactory),
+          context.container.get(TYPES.Sync_DomainEventPublisher),
+        )
+      })
+
+    // Services
+    container.bind<ContentDecoder>(TYPES.Sync_ContentDecoder).toDynamicValue(() => new ContentDecoder())
+    container.bind<AxiosInstance>(TYPES.Sync_HTTPClient).toDynamicValue(() => axios.create())
+    container
+      .bind<ExtensionsHttpServiceInterface>(TYPES.Sync_ExtensionsHttpService)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new ExtensionsHttpService(
+          context.container.get(TYPES.Sync_HTTPClient),
+          context.container.get(TYPES.Sync_ItemRepository),
+          context.container.get(TYPES.Sync_ContentDecoder),
+          context.container.get(TYPES.Sync_DomainEventPublisher),
+          context.container.get(TYPES.Sync_DomainEventFactory),
+          context.container.get(TYPES.Sync_Logger),
+        )
+      })
+
+    container
+      .bind<ItemBackupServiceInterface>(TYPES.Sync_ItemBackupService)
+      .toDynamicValue((context: interfaces.Context) => {
+        const env: Env = context.container.get(TYPES.Sync_Env)
+
+        if (env.get('S3_AWS_REGION', true)) {
+          return new S3ItemBackupService(
+            context.container.get(TYPES.Sync_S3_BACKUP_BUCKET_NAME),
+            context.container.get(TYPES.Sync_ItemProjector),
+            context.container.get(TYPES.Sync_Logger),
+            context.container.get(TYPES.Sync_S3),
+          )
+        } else {
+          return new FSItemBackupService(
+            context.container.get(TYPES.Sync_FILE_UPLOAD_PATH),
+            context.container.get(TYPES.Sync_ItemProjector),
+            context.container.get(TYPES.Sync_Logger),
+          )
+        }
+      })
+
+    const eventHandlers: Map<string, DomainEventHandlerInterface> = new Map([
+      ['DUPLICATE_ITEM_SYNCED', container.get(TYPES.Sync_DuplicateItemSyncedEventHandler)],
+      ['ACCOUNT_DELETION_REQUESTED', container.get(TYPES.Sync_AccountDeletionRequestedEventHandler)],
+      ['ITEM_REVISION_CREATION_REQUESTED', container.get(TYPES.Sync_ItemRevisionCreationRequestedEventHandler)],
+    ])
+    if (!isConfiguredForHomeServer) {
+      container.bind(TYPES.Sync_AUTH_SERVER_URL).toConstantValue(env.get('AUTH_SERVER_URL'))
+
+      container
+        .bind<AuthHttpServiceInterface>(TYPES.Sync_AuthHttpService)
+        .toDynamicValue((context: interfaces.Context) => {
+          return new AuthHttpService(
+            context.container.get(TYPES.Sync_HTTPClient),
+            context.container.get(TYPES.Sync_AUTH_SERVER_URL),
+          )
+        })
+
+      container
+        .bind<EmailBackupRequestedEventHandler>(TYPES.Sync_EmailBackupRequestedEventHandler)
+        .toDynamicValue((context: interfaces.Context) => {
+          return new EmailBackupRequestedEventHandler(
+            context.container.get(TYPES.Sync_ItemRepository),
+            context.container.get(TYPES.Sync_AuthHttpService),
+            context.container.get(TYPES.Sync_ItemBackupService),
+            context.container.get(TYPES.Sync_DomainEventPublisher),
+            context.container.get(TYPES.Sync_DomainEventFactory),
+            context.container.get(TYPES.Sync_EMAIL_ATTACHMENT_MAX_BYTE_SIZE),
+            context.container.get(TYPES.Sync_ItemTransferCalculator),
+            context.container.get(TYPES.Sync_S3_BACKUP_BUCKET_NAME),
+            context.container.get(TYPES.Sync_Logger),
+          )
+        })
+
+      eventHandlers.set('EMAIL_BACKUP_REQUESTED', container.get(TYPES.Sync_EmailBackupRequestedEventHandler))
+    }
+
+    if (isConfiguredForHomeServer) {
+      const directCallEventMessageHandler = new DirectCallEventMessageHandler(
+        eventHandlers,
+        container.get(TYPES.Sync_Logger),
+      )
+      directCallDomainEventPublisher.register(directCallEventMessageHandler)
+
+      container
+        .bind<DomainEventMessageHandlerInterface>(TYPES.Sync_DomainEventMessageHandler)
+        .toConstantValue(directCallEventMessageHandler)
+    } else {
+      container
+        .bind<DomainEventMessageHandlerInterface>(TYPES.Sync_DomainEventMessageHandler)
+        .toConstantValue(
+          env.get('NEW_RELIC_ENABLED', true) === 'true'
+            ? new SQSNewRelicEventMessageHandler(eventHandlers, container.get(TYPES.Sync_Logger))
+            : new SQSEventMessageHandler(eventHandlers, container.get(TYPES.Sync_Logger)),
+        )
+    }
+
+    container
+      .bind<DomainEventSubscriberFactoryInterface>(TYPES.Sync_DomainEventSubscriberFactory)
+      .toDynamicValue((context: interfaces.Context) => {
+        return new SQSDomainEventSubscriberFactory(
+          context.container.get(TYPES.Sync_SQS),
+          context.container.get(TYPES.Sync_SQS_QUEUE_URL),
+          context.container.get(TYPES.Sync_DomainEventMessageHandler),
+        )
+      })
+
+    container
+      .bind<ControllerContainerInterface>(TYPES.Sync_ControllerContainer)
+      .toConstantValue(configuration?.controllerConatiner ?? new ControllerContainer())
+
+    if (isConfiguredForHomeServer) {
+      container
+        .bind<InversifyExpressItemsController>(TYPES.Sync_InversifyExpressItemsController)
+        .toConstantValue(
+          new InversifyExpressItemsController(
+            container.get(TYPES.Sync_SyncItems),
+            container.get(TYPES.Sync_CheckIntegrity),
+            container.get(TYPES.Sync_GetItem),
+            container.get(TYPES.Sync_ItemProjector),
+            container.get(TYPES.Sync_SyncResponseFactoryResolver),
+            container.get(TYPES.Sync_ControllerContainer),
+          ),
+        )
+    }
+
+    return container
+  }
+}
@@ -13,55 +13,62 @@ const maxQueryExecutionTime = env.get('DB_MAX_QUERY_EXECUTION_TIME', true)
  ? +env.get('DB_MAX_QUERY_EXECUTION_TIME', true)
  : 45_000

-const inReplicaMode = env.get('DB_REPLICA_HOST', true) ? true : false
+const commonDataSourceOptions = {
+  maxQueryExecutionTime,
+  entities: [Item],
+  migrations: [`${__dirname}/../../migrations/${isConfiguredForMySQL ? 'mysql' : 'sqlite'}/*.js`],
+  migrationsRun: true,
+  logging: <LoggerOptions>env.get('DB_DEBUG_LEVEL', true) ?? 'info',
+}

-const replicationConfig = {
-  master: {
-    host: env.get('DB_HOST'),
-    port: parseInt(env.get('DB_PORT')),
-    username: env.get('DB_USERNAME'),
-    password: env.get('DB_PASSWORD'),
-    database: env.get('DB_DATABASE'),
-  },
-  slaves: [
-    {
-      host: env.get('DB_REPLICA_HOST', true),
+let dataSource: DataSource
+if (isConfiguredForMySQL) {
+  const inReplicaMode = env.get('DB_REPLICA_HOST', true) ? true : false
+
+  const replicationConfig = {
+    master: {
+      host: env.get('DB_HOST'),
      port: parseInt(env.get('DB_PORT')),
      username: env.get('DB_USERNAME'),
      password: env.get('DB_PASSWORD'),
      database: env.get('DB_DATABASE'),
    },
-  ],
-  removeNodeErrorCount: 10,
-  restoreNodeTimeout: 5,
+    slaves: [
+      {
+        host: env.get('DB_REPLICA_HOST', true),
+        port: parseInt(env.get('DB_PORT')),
+        username: env.get('DB_USERNAME'),
+        password: env.get('DB_PASSWORD'),
+        database: env.get('DB_DATABASE'),
+      },
+    ],
+    removeNodeErrorCount: 10,
+    restoreNodeTimeout: 5,
+  }
+
+  const mySQLDataSourceOptions: MysqlConnectionOptions = {
+    ...commonDataSourceOptions,
+    type: 'mysql',
+    charset: 'utf8mb4',
+    supportBigNumbers: true,
+    bigNumberStrings: false,
+    replication: inReplicaMode ? replicationConfig : undefined,
+    host: inReplicaMode ? undefined : env.get('DB_HOST'),
+    port: inReplicaMode ? undefined : parseInt(env.get('DB_PORT')),
+    username: inReplicaMode ? undefined : env.get('DB_USERNAME'),
+    password: inReplicaMode ? undefined : env.get('DB_PASSWORD'),
+    database: inReplicaMode ? undefined : env.get('DB_DATABASE'),
+  }
+
+  dataSource = new DataSource(mySQLDataSourceOptions)
+} else {
+  const sqliteDataSourceOptions: SqliteConnectionOptions = {
+    ...commonDataSourceOptions,
+    type: 'sqlite',
+    database: `data/${env.get('DB_DATABASE')}.sqlite`,
+  }
+
+  dataSource = new DataSource(sqliteDataSourceOptions)
 }

-const commonDataSourceOptions = {
-  maxQueryExecutionTime,
-  entities: [Item],
-  migrations: [`dist/migrations/${isConfiguredForMySQL ? 'mysql' : 'sqlite'}/*.js`],
-  migrationsRun: true,
-  logging: <LoggerOptions>env.get('DB_DEBUG_LEVEL'),
-}
-
-const mySQLDataSourceOptions: MysqlConnectionOptions = {
-  ...commonDataSourceOptions,
-  type: 'mysql',
-  charset: 'utf8mb4',
-  supportBigNumbers: true,
-  bigNumberStrings: false,
-  replication: inReplicaMode ? replicationConfig : undefined,
-  host: inReplicaMode ? undefined : env.get('DB_HOST'),
-  port: inReplicaMode ? undefined : parseInt(env.get('DB_PORT')),
-  username: inReplicaMode ? undefined : env.get('DB_USERNAME'),
-  password: inReplicaMode ? undefined : env.get('DB_PASSWORD'),
-  database: inReplicaMode ? undefined : env.get('DB_DATABASE'),
-}
-
-const sqliteDataSourceOptions: SqliteConnectionOptions = {
-  ...commonDataSourceOptions,
-  type: 'sqlite',
-  database: `data/${env.get('DB_DATABASE')}.sqlite`,
-}
-
-export const AppDataSource = new DataSource(isConfiguredForMySQL ? mySQLDataSourceOptions : sqliteDataSourceOptions)
+export const AppDataSource = dataSource
@@ -1,154 +0,0 @@
-import { Container, interfaces } from 'inversify'
-
-import { Env } from './Env'
-import TYPES from './Types'
-import { AuthMiddleware } from '../Controller/AuthMiddleware'
-import { Item } from '../Domain/Item/Item'
-import { SyncResponseFactory20161215 } from '../Domain/Item/SyncResponse/SyncResponseFactory20161215'
-import { SyncResponseFactory20200115 } from '../Domain/Item/SyncResponse/SyncResponseFactory20200115'
-import { SyncResponseFactoryResolverInterface } from '../Domain/Item/SyncResponse/SyncResponseFactoryResolverInterface'
-import { SyncResponseFactoryResolver } from '../Domain/Item/SyncResponse/SyncResponseFactoryResolver'
-import { ItemServiceInterface } from '../Domain/Item/ItemServiceInterface'
-import { ItemService } from '../Domain/Item/ItemService'
-import { SyncItems } from '../Domain/UseCase/SyncItems'
-import { ItemConflictProjector } from '../Projection/ItemConflictProjector'
-import { ItemSaveValidatorInterface } from '../Domain/Item/SaveValidator/ItemSaveValidatorInterface'
-import { ItemSaveValidator } from '../Domain/Item/SaveValidator/ItemSaveValidator'
-import { OwnershipFilter } from '../Domain/Item/SaveRule/OwnershipFilter'
-import { TimeDifferenceFilter } from '../Domain/Item/SaveRule/TimeDifferenceFilter'
-import { ItemFactoryInterface } from '../Domain/Item/ItemFactoryInterface'
-import { ItemFactory } from '../Domain/Item/ItemFactory'
-import { UuidFilter } from '../Domain/Item/SaveRule/UuidFilter'
-import { ContentTypeFilter } from '../Domain/Item/SaveRule/ContentTypeFilter'
-import { ContentFilter } from '../Domain/Item/SaveRule/ContentFilter'
-import { CheckIntegrity } from '../Domain/UseCase/CheckIntegrity/CheckIntegrity'
-import { GetItem } from '../Domain/UseCase/GetItem/GetItem'
-import { ProjectorInterface } from '../Projection/ProjectorInterface'
-import { SavedItemProjection } from '../Projection/SavedItemProjection'
-import { SavedItemProjector } from '../Projection/SavedItemProjector'
-import { ItemConflict } from '../Domain/Item/ItemConflict'
-import { ItemConflictProjection } from '../Projection/ItemConflictProjection'
-import { CommonContainerConfigLoader } from './CommonContainerConfigLoader'
-
-export class ServerContainerConfigLoader extends CommonContainerConfigLoader {
-  private readonly DEFAULT_CONTENT_SIZE_TRANSFER_LIMIT = 10_000_000
-  private readonly DEFAULT_MAX_ITEMS_LIMIT = 300
-
-  override async load(): Promise<Container> {
-    const container = await super.load()
-
-    const env: Env = container.get(TYPES.Env)
-
-    // Middleware
-    container.bind<AuthMiddleware>(TYPES.AuthMiddleware).toDynamicValue((context: interfaces.Context) => {
-      return new AuthMiddleware(context.container.get(TYPES.AUTH_JWT_SECRET), context.container.get(TYPES.Logger))
-    })
-
-    // Projectors
-    container
-      .bind<ProjectorInterface<Item, SavedItemProjection>>(TYPES.SavedItemProjector)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SavedItemProjector(context.container.get(TYPES.Timer))
-      })
-    container
-      .bind<ProjectorInterface<ItemConflict, ItemConflictProjection>>(TYPES.ItemConflictProjector)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemConflictProjector(context.container.get(TYPES.ItemProjector))
-      })
-
-    // env vars
-    container.bind(TYPES.AUTH_JWT_SECRET).toConstantValue(env.get('AUTH_JWT_SECRET'))
-    container.bind(TYPES.REVISIONS_FREQUENCY).toConstantValue(env.get('REVISIONS_FREQUENCY'))
-    container.bind(TYPES.NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
-    container.bind(TYPES.VERSION).toConstantValue(env.get('VERSION'))
-    container
-      .bind(TYPES.CONTENT_SIZE_TRANSFER_LIMIT)
-      .toConstantValue(
-        env.get('CONTENT_SIZE_TRANSFER_LIMIT', true)
-          ? +env.get('CONTENT_SIZE_TRANSFER_LIMIT', true)
-          : this.DEFAULT_CONTENT_SIZE_TRANSFER_LIMIT,
-      )
-    container
-      .bind(TYPES.MAX_ITEMS_LIMIT)
-      .toConstantValue(
-        env.get('MAX_ITEMS_LIMIT', true) ? +env.get('MAX_ITEMS_LIMIT', true) : this.DEFAULT_MAX_ITEMS_LIMIT,
-      )
-
-    // use cases
-    container.bind<SyncItems>(TYPES.SyncItems).toDynamicValue((context: interfaces.Context) => {
-      return new SyncItems(context.container.get(TYPES.ItemService))
-    })
-    container.bind<CheckIntegrity>(TYPES.CheckIntegrity).toDynamicValue((context: interfaces.Context) => {
-      return new CheckIntegrity(context.container.get(TYPES.ItemRepository))
-    })
-    container.bind<GetItem>(TYPES.GetItem).toDynamicValue((context: interfaces.Context) => {
-      return new GetItem(context.container.get(TYPES.ItemRepository))
-    })
-
-    // Services
-    container.bind<ItemServiceInterface>(TYPES.ItemService).toDynamicValue((context: interfaces.Context) => {
-      return new ItemService(
-        context.container.get(TYPES.ItemSaveValidator),
-        context.container.get(TYPES.ItemFactory),
-        context.container.get(TYPES.ItemRepository),
-        context.container.get(TYPES.DomainEventPublisher),
-        context.container.get(TYPES.DomainEventFactory),
-        context.container.get(TYPES.REVISIONS_FREQUENCY),
-        context.container.get(TYPES.CONTENT_SIZE_TRANSFER_LIMIT),
-        context.container.get(TYPES.ItemTransferCalculator),
-        context.container.get(TYPES.Timer),
-        context.container.get(TYPES.ItemProjector),
-        context.container.get(TYPES.MAX_ITEMS_LIMIT),
-        context.container.get(TYPES.Logger),
-      )
-    })
-    container
-      .bind<SyncResponseFactory20161215>(TYPES.SyncResponseFactory20161215)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SyncResponseFactory20161215(context.container.get(TYPES.ItemProjector))
-      })
-    container
-      .bind<SyncResponseFactory20200115>(TYPES.SyncResponseFactory20200115)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SyncResponseFactory20200115(
-          context.container.get(TYPES.ItemProjector),
-          context.container.get(TYPES.ItemConflictProjector),
-          context.container.get(TYPES.SavedItemProjector),
-        )
-      })
-    container
-      .bind<SyncResponseFactoryResolverInterface>(TYPES.SyncResponseFactoryResolver)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SyncResponseFactoryResolver(
-          context.container.get(TYPES.SyncResponseFactory20161215),
-          context.container.get(TYPES.SyncResponseFactory20200115),
-        )
-      })
-
-    container.bind<ItemFactoryInterface>(TYPES.ItemFactory).toDynamicValue((context: interfaces.Context) => {
-      return new ItemFactory(context.container.get(TYPES.Timer), context.container.get(TYPES.ItemProjector))
-    })
-
-    container.bind<OwnershipFilter>(TYPES.OwnershipFilter).toDynamicValue(() => new OwnershipFilter())
-    container
-      .bind<TimeDifferenceFilter>(TYPES.TimeDifferenceFilter)
-      .toDynamicValue((context: interfaces.Context) => new TimeDifferenceFilter(context.container.get(TYPES.Timer)))
-    container.bind<UuidFilter>(TYPES.UuidFilter).toDynamicValue(() => new UuidFilter())
-    container.bind<ContentTypeFilter>(TYPES.ContentTypeFilter).toDynamicValue(() => new ContentTypeFilter())
-    container.bind<ContentFilter>(TYPES.ContentFilter).toDynamicValue(() => new ContentFilter())
-
-    container
-      .bind<ItemSaveValidatorInterface>(TYPES.ItemSaveValidator)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemSaveValidator([
-          context.container.get(TYPES.OwnershipFilter),
-          context.container.get(TYPES.TimeDifferenceFilter),
-          context.container.get(TYPES.UuidFilter),
-          context.container.get(TYPES.ContentTypeFilter),
-          context.container.get(TYPES.ContentFilter),
-        ])
-      })
-
-    return container
-  }
-}
@@ -0,0 +1,42 @@
+import {
+  ControllerContainerInterface,
+  ServiceContainerInterface,
+  ServiceIdentifier,
+  ServiceInterface,
+} from '@standardnotes/domain-core'
+
+import { ContainerConfigLoader } from './Container'
+import { DirectCallDomainEventPublisher } from '@standardnotes/domain-events-infra'
+
+export class Service implements ServiceInterface {
+  constructor(
+    private serviceContainer: ServiceContainerInterface,
+    private controllerContainer: ControllerContainerInterface,
+    private directCallDomainEventPublisher: DirectCallDomainEventPublisher,
+  ) {
+    this.serviceContainer.register(this.getId(), this)
+  }
+
+  async handleRequest(request: never, response: never, endpointOrMethodIdentifier: string): Promise<unknown> {
+    const method = this.controllerContainer.get(endpointOrMethodIdentifier)
+
+    if (!method) {
+      throw new Error(`Method ${endpointOrMethodIdentifier} not found`)
+    }
+
+    return method(request, response)
+  }
+
+  async getContainer(): Promise<unknown> {
+    const config = new ContainerConfigLoader()
+
+    return config.load({
+      controllerConatiner: this.controllerContainer,
+      directCallDomainEventPublisher: this.directCallDomainEventPublisher,
+    })
+  }
+
+  getId(): ServiceIdentifier {
+    return ServiceIdentifier.create(ServiceIdentifier.NAMES.SyncingServer).getValue()
+  }
+}
@@ -1,71 +1,73 @@
 const TYPES = {
-  DBConnection: Symbol.for('DBConnection'),
-  Logger: Symbol.for('Logger'),
-  Redis: Symbol.for('Redis'),
-  SNS: Symbol.for('SNS'),
-  SQS: Symbol.for('SQS'),
-  S3: Symbol.for('S3'),
-  Env: Symbol.for('Env'),
+  Sync_DBConnection: Symbol.for('Sync_DBConnection'),
+  Sync_Logger: Symbol.for('Sync_Logger'),
+  Sync_Redis: Symbol.for('Sync_Redis'),
+  Sync_SNS: Symbol.for('Sync_SNS'),
+  Sync_SQS: Symbol.for('Sync_SQS'),
+  Sync_S3: Symbol.for('Sync_S3'),
+  Sync_Env: Symbol.for('Sync_Env'),
  // Repositories
-  ItemRepository: Symbol.for('ItemRepository'),
+  Sync_ItemRepository: Symbol.for('Sync_ItemRepository'),
  // ORM
-  ORMItemRepository: Symbol.for('ORMItemRepository'),
+  Sync_ORMItemRepository: Symbol.for('Sync_ORMItemRepository'),
  // Middleware
-  AuthMiddleware: Symbol.for('AuthMiddleware'),
+  Sync_AuthMiddleware: Symbol.for('Sync_AuthMiddleware'),
  // Projectors
-  ItemProjector: Symbol.for('ItemProjector'),
-  SavedItemProjector: Symbol.for('SavedItemProjector'),
-  ItemConflictProjector: Symbol.for('ItemConflictProjector'),
+  Sync_ItemProjector: Symbol.for('Sync_ItemProjector'),
+  Sync_SavedItemProjector: Symbol.for('Sync_SavedItemProjector'),
+  Sync_ItemConflictProjector: Symbol.for('Sync_ItemConflictProjector'),
  // env vars
-  REDIS_URL: Symbol.for('REDIS_URL'),
-  SNS_TOPIC_ARN: Symbol.for('SNS_TOPIC_ARN'),
-  SNS_AWS_REGION: Symbol.for('SNS_AWS_REGION'),
-  SQS_QUEUE_URL: Symbol.for('SQS_QUEUE_URL'),
-  SQS_AWS_REGION: Symbol.for('SQS_AWS_REGION'),
-  AUTH_JWT_SECRET: Symbol.for('AUTH_JWT_SECRET'),
-  EXTENSIONS_SERVER_URL: Symbol.for('EXTENSIONS_SERVER_URL'),
-  AUTH_SERVER_URL: Symbol.for('AUTH_SERVER_URL'),
-  S3_AWS_REGION: Symbol.for('S3_AWS_REGION'),
-  S3_BACKUP_BUCKET_NAME: Symbol.for('S3_BACKUP_BUCKET_NAME'),
-  EMAIL_ATTACHMENT_MAX_BYTE_SIZE: Symbol.for('EMAIL_ATTACHMENT_MAX_BYTE_SIZE'),
-  REVISIONS_FREQUENCY: Symbol.for('REVISIONS_FREQUENCY'),
-  NEW_RELIC_ENABLED: Symbol.for('NEW_RELIC_ENABLED'),
-  VERSION: Symbol.for('VERSION'),
-  CONTENT_SIZE_TRANSFER_LIMIT: Symbol.for('CONTENT_SIZE_TRANSFER_LIMIT'),
-  MAX_ITEMS_LIMIT: Symbol.for('MAX_ITEMS_LIMIT'),
-  FILE_UPLOAD_PATH: Symbol.for('FILE_UPLOAD_PATH'),
+  Sync_REDIS_URL: Symbol.for('Sync_REDIS_URL'),
+  Sync_SNS_TOPIC_ARN: Symbol.for('Sync_SNS_TOPIC_ARN'),
+  Sync_SNS_AWS_REGION: Symbol.for('Sync_SNS_AWS_REGION'),
+  Sync_SQS_QUEUE_URL: Symbol.for('Sync_SQS_QUEUE_URL'),
+  Sync_SQS_AWS_REGION: Symbol.for('Sync_SQS_AWS_REGION'),
+  Sync_AUTH_JWT_SECRET: Symbol.for('Sync_AUTH_JWT_SECRET'),
+  Sync_EXTENSIONS_SERVER_URL: Symbol.for('Sync_EXTENSIONS_SERVER_URL'),
+  Sync_AUTH_SERVER_URL: Symbol.for('Sync_AUTH_SERVER_URL'),
+  Sync_S3_AWS_REGION: Symbol.for('Sync_S3_AWS_REGION'),
+  Sync_S3_BACKUP_BUCKET_NAME: Symbol.for('Sync_S3_BACKUP_BUCKET_NAME'),
+  Sync_EMAIL_ATTACHMENT_MAX_BYTE_SIZE: Symbol.for('Sync_EMAIL_ATTACHMENT_MAX_BYTE_SIZE'),
+  Sync_REVISIONS_FREQUENCY: Symbol.for('Sync_REVISIONS_FREQUENCY'),
+  Sync_NEW_RELIC_ENABLED: Symbol.for('Sync_NEW_RELIC_ENABLED'),
+  Sync_VERSION: Symbol.for('Sync_VERSION'),
+  Sync_CONTENT_SIZE_TRANSFER_LIMIT: Symbol.for('Sync_CONTENT_SIZE_TRANSFER_LIMIT'),
+  Sync_MAX_ITEMS_LIMIT: Symbol.for('Sync_MAX_ITEMS_LIMIT'),
+  Sync_FILE_UPLOAD_PATH: Symbol.for('Sync_FILE_UPLOAD_PATH'),
  // use cases
-  SyncItems: Symbol.for('SyncItems'),
-  CheckIntegrity: Symbol.for('CheckIntegrity'),
-  GetItem: Symbol.for('GetItem'),
+  Sync_SyncItems: Symbol.for('Sync_SyncItems'),
+  Sync_CheckIntegrity: Symbol.for('Sync_CheckIntegrity'),
+  Sync_GetItem: Symbol.for('Sync_GetItem'),
  // Handlers
-  AccountDeletionRequestedEventHandler: Symbol.for('AccountDeletionRequestedEventHandler'),
-  DuplicateItemSyncedEventHandler: Symbol.for('DuplicateItemSyncedEventHandler'),
-  EmailBackupRequestedEventHandler: Symbol.for('EmailBackupRequestedEventHandler'),
-  ItemRevisionCreationRequestedEventHandler: Symbol.for('ItemRevisionCreationRequestedEventHandler'),
+  Sync_AccountDeletionRequestedEventHandler: Symbol.for('Sync_AccountDeletionRequestedEventHandler'),
+  Sync_DuplicateItemSyncedEventHandler: Symbol.for('Sync_DuplicateItemSyncedEventHandler'),
+  Sync_EmailBackupRequestedEventHandler: Symbol.for('Sync_EmailBackupRequestedEventHandler'),
+  Sync_ItemRevisionCreationRequestedEventHandler: Symbol.for('Sync_ItemRevisionCreationRequestedEventHandler'),
  // Services
-  ContentDecoder: Symbol.for('ContentDecoder'),
-  DomainEventPublisher: Symbol.for('DomainEventPublisher'),
-  DomainEventSubscriberFactory: Symbol.for('DomainEventSubscriberFactory'),
-  DomainEventFactory: Symbol.for('DomainEventFactory'),
-  DomainEventMessageHandler: Symbol.for('DomainEventMessageHandler'),
-  HTTPClient: Symbol.for('HTTPClient'),
-  ItemService: Symbol.for('ItemService'),
-  Timer: Symbol.for('Timer'),
-  SyncResponseFactory20161215: Symbol.for('SyncResponseFactory20161215'),
-  SyncResponseFactory20200115: Symbol.for('SyncResponseFactory20200115'),
-  SyncResponseFactoryResolver: Symbol.for('SyncResponseFactoryResolver'),
-  AuthHttpService: Symbol.for('AuthHttpService'),
-  ExtensionsHttpService: Symbol.for('ExtensionsHttpService'),
-  ItemBackupService: Symbol.for('ItemBackupService'),
-  ItemSaveValidator: Symbol.for('ItemSaveValidator'),
-  OwnershipFilter: Symbol.for('OwnershipFilter'),
-  TimeDifferenceFilter: Symbol.for('TimeDifferenceFilter'),
-  UuidFilter: Symbol.for('UuidFilter'),
-  ContentTypeFilter: Symbol.for('ContentTypeFilter'),
-  ContentFilter: Symbol.for('ContentFilter'),
-  ItemFactory: Symbol.for('ItemFactory'),
-  ItemTransferCalculator: Symbol.for('ItemTransferCalculator'),
+  Sync_ContentDecoder: Symbol.for('Sync_ContentDecoder'),
+  Sync_DomainEventPublisher: Symbol.for('Sync_DomainEventPublisher'),
+  Sync_DomainEventSubscriberFactory: Symbol.for('Sync_DomainEventSubscriberFactory'),
+  Sync_DomainEventFactory: Symbol.for('Sync_DomainEventFactory'),
+  Sync_DomainEventMessageHandler: Symbol.for('Sync_DomainEventMessageHandler'),
+  Sync_HTTPClient: Symbol.for('Sync_HTTPClient'),
+  Sync_ItemService: Symbol.for('Sync_ItemService'),
+  Sync_Timer: Symbol.for('Sync_Timer'),
+  Sync_SyncResponseFactory20161215: Symbol.for('Sync_SyncResponseFactory20161215'),
+  Sync_SyncResponseFactory20200115: Symbol.for('Sync_SyncResponseFactory20200115'),
+  Sync_SyncResponseFactoryResolver: Symbol.for('Sync_SyncResponseFactoryResolver'),
+  Sync_AuthHttpService: Symbol.for('Sync_AuthHttpService'),
+  Sync_ExtensionsHttpService: Symbol.for('Sync_ExtensionsHttpService'),
+  Sync_ItemBackupService: Symbol.for('Sync_ItemBackupService'),
+  Sync_ItemSaveValidator: Symbol.for('Sync_ItemSaveValidator'),
+  Sync_OwnershipFilter: Symbol.for('Sync_OwnershipFilter'),
+  Sync_TimeDifferenceFilter: Symbol.for('Sync_TimeDifferenceFilter'),
+  Sync_UuidFilter: Symbol.for('Sync_UuidFilter'),
+  Sync_ContentTypeFilter: Symbol.for('Sync_ContentTypeFilter'),
+  Sync_ContentFilter: Symbol.for('Sync_ContentFilter'),
+  Sync_ItemFactory: Symbol.for('Sync_ItemFactory'),
+  Sync_ItemTransferCalculator: Symbol.for('Sync_ItemTransferCalculator'),
+  Sync_ControllerContainer: Symbol.for('Sync_ControllerContainer'),
+  Sync_InversifyExpressItemsController: Symbol.for('Sync_InversifyExpressItemsController'),
 }

 export default TYPES
@@ -1,207 +0,0 @@
-import { SQSClient, SQSClientConfig } from '@aws-sdk/client-sqs'
-import { S3Client } from '@aws-sdk/client-s3'
-import { Container, interfaces } from 'inversify'
-import {
-  DomainEventHandlerInterface,
-  DomainEventMessageHandlerInterface,
-  DomainEventSubscriberFactoryInterface,
-} from '@standardnotes/domain-events'
-
-import { Env } from './Env'
-import TYPES from './Types'
-import { ContentDecoder } from '../Domain/Item/ContentDecoder'
-import { AuthHttpServiceInterface } from '../Domain/Auth/AuthHttpServiceInterface'
-import { AuthHttpService } from '../Infra/HTTP/AuthHttpService'
-import { ExtensionsHttpServiceInterface } from '../Domain/Extension/ExtensionsHttpServiceInterface'
-import { ExtensionsHttpService } from '../Domain/Extension/ExtensionsHttpService'
-import { ItemBackupServiceInterface } from '../Domain/Item/ItemBackupServiceInterface'
-import { S3ItemBackupService } from '../Infra/S3/S3ItemBackupService'
-import { DuplicateItemSyncedEventHandler } from '../Domain/Handler/DuplicateItemSyncedEventHandler'
-import { AccountDeletionRequestedEventHandler } from '../Domain/Handler/AccountDeletionRequestedEventHandler'
-// eslint-disable-next-line @typescript-eslint/no-var-requires
-const axios = require('axios')
-import { AxiosInstance } from 'axios'
-import {
-  SQSDomainEventSubscriberFactory,
-  SQSEventMessageHandler,
-  SQSNewRelicEventMessageHandler,
-} from '@standardnotes/domain-events-infra'
-import { EmailBackupRequestedEventHandler } from '../Domain/Handler/EmailBackupRequestedEventHandler'
-import { ItemRevisionCreationRequestedEventHandler } from '../Domain/Handler/ItemRevisionCreationRequestedEventHandler'
-import { FSItemBackupService } from '../Infra/FS/FSItemBackupService'
-import { CommonContainerConfigLoader } from './CommonContainerConfigLoader'
-
-export class WorkerContainerConfigLoader extends CommonContainerConfigLoader {
-  private readonly DEFAULT_FILE_UPLOAD_PATH = `${__dirname}/../../uploads`
-
-  override async load(): Promise<Container> {
-    const container = await super.load()
-
-    const env: Env = container.get(TYPES.Env)
-
-    container.bind<SQSClient>(TYPES.SQS).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      const sqsConfig: SQSClientConfig = {
-        region: env.get('SQS_AWS_REGION'),
-      }
-      if (env.get('SQS_ENDPOINT', true)) {
-        sqsConfig.endpoint = env.get('SQS_ENDPOINT', true)
-      }
-      if (env.get('SQS_ACCESS_KEY_ID', true) && env.get('SQS_SECRET_ACCESS_KEY', true)) {
-        sqsConfig.credentials = {
-          accessKeyId: env.get('SQS_ACCESS_KEY_ID', true),
-          secretAccessKey: env.get('SQS_SECRET_ACCESS_KEY', true),
-        }
-      }
-
-      return new SQSClient(sqsConfig)
-    })
-
-    container.bind<S3Client | undefined>(TYPES.S3).toDynamicValue((context: interfaces.Context) => {
-      const env: Env = context.container.get(TYPES.Env)
-
-      let s3Client = undefined
-      if (env.get('S3_AWS_REGION', true)) {
-        s3Client = new S3Client({
-          apiVersion: 'latest',
-          region: env.get('S3_AWS_REGION', true),
-        })
-      }
-
-      return s3Client
-    })
-
-    // env vars
-    container.bind(TYPES.SQS_QUEUE_URL).toConstantValue(env.get('SQS_QUEUE_URL'))
-    container.bind(TYPES.EXTENSIONS_SERVER_URL).toConstantValue(env.get('EXTENSIONS_SERVER_URL', true))
-    container.bind(TYPES.AUTH_SERVER_URL).toConstantValue(env.get('AUTH_SERVER_URL'))
-    container.bind(TYPES.S3_AWS_REGION).toConstantValue(env.get('S3_AWS_REGION', true))
-    container.bind(TYPES.S3_BACKUP_BUCKET_NAME).toConstantValue(env.get('S3_BACKUP_BUCKET_NAME', true))
-    container.bind(TYPES.EMAIL_ATTACHMENT_MAX_BYTE_SIZE).toConstantValue(env.get('EMAIL_ATTACHMENT_MAX_BYTE_SIZE'))
-    container.bind(TYPES.NEW_RELIC_ENABLED).toConstantValue(env.get('NEW_RELIC_ENABLED', true))
-    container.bind(TYPES.VERSION).toConstantValue(env.get('VERSION'))
-    container
-      .bind(TYPES.FILE_UPLOAD_PATH)
-      .toConstantValue(
-        env.get('FILE_UPLOAD_PATH', true) ? env.get('FILE_UPLOAD_PATH', true) : this.DEFAULT_FILE_UPLOAD_PATH,
-      )
-
-    // Handlers
-    container
-      .bind<DuplicateItemSyncedEventHandler>(TYPES.DuplicateItemSyncedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new DuplicateItemSyncedEventHandler(
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.DomainEventFactory),
-          context.container.get(TYPES.DomainEventPublisher),
-          context.container.get(TYPES.Logger),
-        )
-      })
-    container
-      .bind<AccountDeletionRequestedEventHandler>(TYPES.AccountDeletionRequestedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new AccountDeletionRequestedEventHandler(
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.Logger),
-        )
-      })
-    container
-      .bind<EmailBackupRequestedEventHandler>(TYPES.EmailBackupRequestedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new EmailBackupRequestedEventHandler(
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.AuthHttpService),
-          context.container.get(TYPES.ItemBackupService),
-          context.container.get(TYPES.DomainEventPublisher),
-          context.container.get(TYPES.DomainEventFactory),
-          context.container.get(TYPES.EMAIL_ATTACHMENT_MAX_BYTE_SIZE),
-          context.container.get(TYPES.ItemTransferCalculator),
-          context.container.get(TYPES.S3_BACKUP_BUCKET_NAME),
-          context.container.get(TYPES.Logger),
-        )
-      })
-    container
-      .bind<ItemRevisionCreationRequestedEventHandler>(TYPES.ItemRevisionCreationRequestedEventHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ItemRevisionCreationRequestedEventHandler(
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.ItemBackupService),
-          context.container.get(TYPES.DomainEventFactory),
-          context.container.get(TYPES.DomainEventPublisher),
-        )
-      })
-
-    // Services
-    container.bind<ContentDecoder>(TYPES.ContentDecoder).toDynamicValue(() => new ContentDecoder())
-    container.bind<AxiosInstance>(TYPES.HTTPClient).toDynamicValue(() => axios.create())
-    container.bind<AuthHttpServiceInterface>(TYPES.AuthHttpService).toDynamicValue((context: interfaces.Context) => {
-      return new AuthHttpService(context.container.get(TYPES.HTTPClient), context.container.get(TYPES.AUTH_SERVER_URL))
-    })
-    container
-      .bind<ExtensionsHttpServiceInterface>(TYPES.ExtensionsHttpService)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new ExtensionsHttpService(
-          context.container.get(TYPES.HTTPClient),
-          context.container.get(TYPES.ItemRepository),
-          context.container.get(TYPES.ContentDecoder),
-          context.container.get(TYPES.DomainEventPublisher),
-          context.container.get(TYPES.DomainEventFactory),
-          context.container.get(TYPES.Logger),
-        )
-      })
-
-    container
-      .bind<ItemBackupServiceInterface>(TYPES.ItemBackupService)
-      .toDynamicValue((context: interfaces.Context) => {
-        const env: Env = context.container.get(TYPES.Env)
-
-        if (env.get('S3_AWS_REGION', true)) {
-          return new S3ItemBackupService(
-            context.container.get(TYPES.S3_BACKUP_BUCKET_NAME),
-            context.container.get(TYPES.ItemProjector),
-            context.container.get(TYPES.Logger),
-            context.container.get(TYPES.S3),
-          )
-        } else {
-          return new FSItemBackupService(
-            context.container.get(TYPES.FILE_UPLOAD_PATH),
-            context.container.get(TYPES.ItemProjector),
-            context.container.get(TYPES.Logger),
-          )
-        }
-      })
-
-    container
-      .bind<DomainEventMessageHandlerInterface>(TYPES.DomainEventMessageHandler)
-      .toDynamicValue((context: interfaces.Context) => {
-        const env: Env = context.container.get(TYPES.Env)
-
-        const eventHandlers: Map<string, DomainEventHandlerInterface> = new Map([
-          ['DUPLICATE_ITEM_SYNCED', context.container.get(TYPES.DuplicateItemSyncedEventHandler)],
-          ['ACCOUNT_DELETION_REQUESTED', context.container.get(TYPES.AccountDeletionRequestedEventHandler)],
-          ['EMAIL_BACKUP_REQUESTED', context.container.get(TYPES.EmailBackupRequestedEventHandler)],
-          ['ITEM_REVISION_CREATION_REQUESTED', context.container.get(TYPES.ItemRevisionCreationRequestedEventHandler)],
-        ])
-
-        const handler =
-          env.get('NEW_RELIC_ENABLED', true) === 'true'
-            ? new SQSNewRelicEventMessageHandler(eventHandlers, context.container.get(TYPES.Logger))
-            : new SQSEventMessageHandler(eventHandlers, context.container.get(TYPES.Logger))
-
-        return handler
-      })
-
-    container
-      .bind<DomainEventSubscriberFactoryInterface>(TYPES.DomainEventSubscriberFactory)
-      .toDynamicValue((context: interfaces.Context) => {
-        return new SQSDomainEventSubscriberFactory(
-          context.container.get(TYPES.SQS),
-          context.container.get(TYPES.SQS_QUEUE_URL),
-          context.container.get(TYPES.DomainEventMessageHandler),
-        )
-      })
-
-    return container
-  }
-}
@@ -0,0 +1 @@
+export * from './Service'
@@ -1,7 +1,7 @@
 import { controller, httpGet } from 'inversify-express-utils'

@controller('/healthcheck')
-export class HealthCheckController {
+export class InversifyExpressHealthCheckController {
  @httpGet('/')
  public async get(): Promise<string> {
    return 'OK'
@@ -3,20 +3,21 @@ import 'reflect-metadata'
 import * as express from 'express'
 import { ContentType } from '@standardnotes/common'

-import { ItemsController } from './ItemsController'
+import { InversifyExpressItemsController } from './InversifyExpressItemsController'
 import { results } from 'inversify-express-utils'
-import { SyncItems } from '../Domain/UseCase/SyncItems'
-import { ApiVersion } from '../Domain/Api/ApiVersion'
-import { SyncResponseFactoryResolverInterface } from '../Domain/Item/SyncResponse/SyncResponseFactoryResolverInterface'
-import { SyncResponseFactoryInterface } from '../Domain/Item/SyncResponse/SyncResponseFactoryInterface'
-import { SyncResponse20200115 } from '../Domain/Item/SyncResponse/SyncResponse20200115'
-import { CheckIntegrity } from '../Domain/UseCase/CheckIntegrity/CheckIntegrity'
-import { GetItem } from '../Domain/UseCase/GetItem/GetItem'
-import { Item } from '../Domain/Item/Item'
-import { ProjectorInterface } from '../Projection/ProjectorInterface'
-import { ItemProjection } from '../Projection/ItemProjection'
+import { Item } from '../../Domain/Item/Item'
+import { ItemProjection } from '../../Projection/ItemProjection'
+import { ProjectorInterface } from '../../Projection/ProjectorInterface'
+import { ApiVersion } from '../../Domain/Api/ApiVersion'
+import { SyncResponse20200115 } from '../../Domain/Item/SyncResponse/SyncResponse20200115'
+import { SyncResponseFactoryInterface } from '../../Domain/Item/SyncResponse/SyncResponseFactoryInterface'
+import { SyncResponseFactoryResolverInterface } from '../../Domain/Item/SyncResponse/SyncResponseFactoryResolverInterface'
+import { CheckIntegrity } from '../../Domain/UseCase/CheckIntegrity/CheckIntegrity'
+import { GetItem } from '../../Domain/UseCase/GetItem/GetItem'
+import { SyncItems } from '../../Domain/UseCase/SyncItems'
+import { ControllerContainerInterface } from '@standardnotes/domain-core'

-describe('ItemsController', () => {
+describe('InversifyExpressItemsController', () => {
  let syncItems: SyncItems
  let checkIntegrity: CheckIntegrity
  let getItem: GetItem
@@ -26,11 +27,22 @@ describe('ItemsController', () => {
  let syncResponceFactoryResolver: SyncResponseFactoryResolverInterface
  let syncResponseFactory: SyncResponseFactoryInterface
  let syncResponse: SyncResponse20200115
+  let controllerContainer: ControllerContainerInterface

  const createController = () =>
-    new ItemsController(syncItems, checkIntegrity, getItem, itemProjector, syncResponceFactoryResolver)
+    new InversifyExpressItemsController(
+      syncItems,
+      checkIntegrity,
+      getItem,
+      itemProjector,
+      syncResponceFactoryResolver,
+      controllerContainer,
+    )

  beforeEach(() => {
+    controllerContainer = {} as jest.Mocked<ControllerContainerInterface>
+    controllerContainer.register = jest.fn()
+
    itemProjector = {} as jest.Mocked<ProjectorInterface<Item, ItemProjection>>
    itemProjector.projectFull = jest.fn().mockReturnValue({ foo: 'bar' })

--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
standardci	2f94abc9f7	chore(release): publish new version - @standardnotes/api-gateway@1.58.0 - @standardnotes/auth-server@1.111.0 - @standardnotes/home-server@1.5.0 - @standardnotes/revisions-server@1.16.0	2023-05-25 11:11:19 +00:00
Karol Sójko	c70040fe5d	feat: add revisions service to home server (#613 ) * feat: add revisions service to home server * fix: make e2e test suite on home server non-optional * fix(auth): specs	2023-05-25 12:57:05 +02:00
standardci	4b8a9e448a	chore(release): publish new version - @standardnotes/api-gateway@1.57.0 - @standardnotes/auth-server@1.110.0 - @standardnotes/home-server@1.4.4	2023-05-25 07:56:05 +00:00
Karol Sójko	1e4c7d0f31	feat: refactor auth middleware to handle required and optional cross service token scenarios (#612 ) * wip: fix variable name * wip: remove redundant middleware in auth * fix: auth middleware refactor * fix(auth): fetching user for key params * fix(auth): specs * fix(auth): registering session controller endpoints	2023-05-25 09:43:00 +02:00
Karol Sójko	ec75795a02	fix: session tokens ttl on home-server e2e suite	2023-05-24 13:56:09 +02:00
standardci	ad26b64b28	chore(release): publish new version - @standardnotes/auth-server@1.109.2 - @standardnotes/home-server@1.4.3	2023-05-18 10:55:29 +00:00
Karol Sójko	9e4715ebbd	fix: skip paid features on the home server e2e test suite	2023-05-18 12:42:20 +02:00
Karol Sójko	cc612296d0	fix(auth): changing user credentials to work both on http proxy and direct code call	2023-05-18 12:42:20 +02:00
standardci	1148b3948c	chore(release): publish new version - @standardnotes/api-gateway@1.56.2 - @standardnotes/home-server@1.4.2	2023-05-18 09:19:56 +00:00
Karol Sójko	c7e605fd60	fix(api-gateway): pkce endpoints resolution for direct code calls	2023-05-18 11:03:13 +02:00
Karol Sójko	4ab32c670e	fix(api-gateway): decorating responses for direct call proxy	2023-05-18 11:03:12 +02:00
standardci	2d810568a8	chore(release): publish new version - @standardnotes/api-gateway@1.56.1 - @standardnotes/auth-server@1.109.1 - @standardnotes/files-server@1.12.5 - @standardnotes/home-server@1.4.1 - @standardnotes/revisions-server@1.15.1 - @standardnotes/syncing-server@1.37.1	2023-05-18 06:07:38 +00:00
Karol Sójko	b8353aa817	chore: add metadata to winston loggers	2023-05-18 07:54:36 +02:00
standardci	7924f63e28	chore(release): publish new version - @standardnotes/api-gateway@1.56.0 - @standardnotes/auth-server@1.109.0 - @standardnotes/home-server@1.4.0 - @standardnotes/syncing-server@1.37.0	2023-05-17 13:50:56 +00:00
Karol Sójko	b3b617ea0b	feat: bundle syncing server into home server setup (#611 ) * feat(syncing-server): move inversify express controllers to new structure * wip: syncing server service binding for home server * fix(syncing-server): container bindings * fix(api-gateway): rename https service to service proxy * fix: proxying requests to syncing server * fix: responses and version binding	2023-05-17 15:38:12 +02:00