ref(backend): Centralize deps and add mypy

Extract reusable API dependencies and activity logging helpers.\nAdd mypy configuration and dev dependency for type checking.\n\nCo-Authored-By: Claude <noreply@anthropic.com>

backend/app/api/boards.py

@@ -1,13 +1,13 @@
 from __future__ import annotations
 
-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends
 from sqlmodel import Session, select
 
-from app.core.auth import get_auth_context
+from app.api.deps import get_board_or_404, require_admin_auth
+from app.core.auth import AuthContext
 from app.db.session import get_session
 from app.models.boards import Board
 from app.schemas.boards import BoardCreate, BoardRead, BoardUpdate
-from app.services.admin_access import require_admin
 
 router = APIRouter(prefix="/boards", tags=["boards"])
 
@@ -15,9 +15,8 @@ router = APIRouter(prefix="/boards", tags=["boards"])
 @router.get("", response_model=list[BoardRead])
 def list_boards(
     session: Session = Depends(get_session),
-    auth=Depends(get_auth_context),
+    auth: AuthContext = Depends(require_admin_auth),
 ) -> list[Board]:
-    require_admin(auth)
     return list(session.exec(select(Board)))
 
 
@@ -25,9 +24,8 @@ def list_boards(
 def create_board(
     payload: BoardCreate,
     session: Session = Depends(get_session),
-    auth=Depends(get_auth_context),
+    auth: AuthContext = Depends(require_admin_auth),
 ) -> Board:
-    require_admin(auth)
     board = Board.model_validate(payload)
     session.add(board)
     session.commit()
@@ -37,28 +35,19 @@ def create_board(
 
 @router.get("/{board_id}", response_model=BoardRead)
 def get_board(
-    board_id: str,
-    session: Session = Depends(get_session),
-    auth=Depends(get_auth_context),
+    board: Board = Depends(get_board_or_404),
+    auth: AuthContext = Depends(require_admin_auth),
 ) -> Board:
-    require_admin(auth)
-    board = session.get(Board, board_id)
-    if board is None:
-        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
     return board
 
 
 @router.patch("/{board_id}", response_model=BoardRead)
 def update_board(
-    board_id: str,
     payload: BoardUpdate,
     session: Session = Depends(get_session),
-    auth=Depends(get_auth_context),
+    board: Board = Depends(get_board_or_404),
+    auth: AuthContext = Depends(require_admin_auth),
 ) -> Board:
-    require_admin(auth)
-    board = session.get(Board, board_id)
-    if board is None:
-        raise HTTPException(status_code=status.HTTP_404_NOT_FOUND)
     updates = payload.model_dump(exclude_unset=True)
     for key, value in updates.items():
         setattr(board, key, value)
@@ -70,13 +59,10 @@ def update_board(
 
 @router.delete("/{board_id}")
 def delete_board(
-    board_id: str,
     session: Session = Depends(get_session),
-    auth=Depends(get_auth_context),
+    board: Board = Depends(get_board_or_404),
+    auth: AuthContext = Depends(require_admin_auth),
 ) -> dict[str, bool]:
-    require_admin(auth)
-    board = session.get(Board, board_id)
-    if board:
-        session.delete(board)
-        session.commit()
+    session.delete(board)
+    session.commit()
     return {"ok": True}