Networking with Dio

• Use Dio as the primary HTTP client package.
• Use type-safe model classes with fromJson / toJson factories for all request/response bodies.
• Handle all HTTP status codes appropriately with typed exceptions (e.g., ServerException, NetworkException, UnauthorizedException).
• Use proper request timeouts (connectTimeout, receiveTimeout, sendTimeout).

Dio Interceptors

• Use interceptors for cross-cutting concerns:
  • Auth Interceptor: Attach access tokens to headers, handle token refresh on 401.
  • Logging Interceptor: Log requests/responses in debug mode via AppLogger.
  • Error Interceptor: Transform DioException into domain-specific Failure types.
• Register interceptors centrally via injectable for consistent behavior across all API calls.

Repository Pattern

• DataSources contain only raw Dio API calls — no business logic or mapping
• Repositories orchestrate between remote DataSources and local cache for network data

Retry & Resilience

• Implement retry logic with exponential backoff for transient failures (e.g., 500, timeout).
• Set a maximum retry count (default: 3 retries).
• Cache responses when appropriate to reduce network calls and improve offline UX.

Performance

• Parse JSON in background isolates for large responses (> 1MB) using compute()
• Do NOT block the UI thread with synchronous network operations

Security

• Store tokens via flutter_secure_storage — never in source code or SharedPreferences
• All API communication MUST use HTTPS