Remove old configuration, API client, and redundant crypto mocks

- Deleted legacy `config` module and replaced its usage with the new runtime-validated `app.config`.
- Removed old custom Axios `apiClient` with outdated token refresh logic.
- Cleaned up redundant crypto-related mocks in storage tests and replaced them with real encryption/decryption during testing.
- Updated Jest coverage exclusions to reflect the new file structure and generated client usage.

frontend/src/lib/api/client.old.ts

@@ -1,154 +0,0 @@
-import axios, { AxiosError, AxiosRequestConfig, InternalAxiosRequestConfig } from 'axios';
-import { useAuthStore } from '@/stores/authStore';
-import { parseAPIError, type APIErrorResponse } from './errors';
-
-// Create Axios instance
-export const apiClient = axios.create({
-  baseURL: process.env.NEXT_PUBLIC_API_URL || 'http://localhost:8000/api/v1',
-  timeout: parseInt(process.env.NEXT_PUBLIC_API_TIMEOUT || '30000'),
-  headers: {
-    'Content-Type': 'application/json',
-  },
-});
-
-// Request interceptor - Add authentication token
-apiClient.interceptors.request.use(
-  (config: InternalAxiosRequestConfig) => {
-    // Get access token from auth store
-    const accessToken = useAuthStore.getState().accessToken;
-
-    // Add Authorization header if token exists
-    if (accessToken) {
-      config.headers.Authorization = `Bearer ${accessToken}`;
-    }
-
-    // Log request in development
-    if (process.env.NODE_ENV === 'development' && process.env.NEXT_PUBLIC_DEBUG_API === 'true') {
-      console.log('🚀 API Request:', {
-        method: config.method?.toUpperCase(),
-        url: config.url,
-        headers: config.headers,
-        data: config.data,
-      });
-    }
-
-    return config;
-  },
-  (error: AxiosError) => {
-    console.error('Request interceptor error:', error);
-    return Promise.reject(error);
-  }
-);
-
-// Response interceptor - Handle errors and token refresh
-apiClient.interceptors.response.use(
-  (response) => {
-    // Log response in development
-    if (process.env.NODE_ENV === 'development' && process.env.NEXT_PUBLIC_DEBUG_API === 'true') {
-      console.log('✅ API Response:', {
-        status: response.status,
-        url: response.config.url,
-        data: response.data,
-      });
-    }
-
-    return response;
-  },
-  async (error: AxiosError<APIErrorResponse>) => {
-    const originalRequest = error.config as AxiosRequestConfig & { _retry?: boolean };
-
-    // Log error in development
-    if (process.env.NODE_ENV === 'development') {
-      console.error('❌ API Error:', {
-        status: error.response?.status,
-        url: error.config?.url,
-        message: error.message,
-        data: error.response?.data,
-      });
-    }
-
-    // Handle 401 Unauthorized - Token refresh logic
-    if (error.response?.status === 401 && originalRequest && !originalRequest._retry) {
-      originalRequest._retry = true;
-
-      try {
-        // Get refresh token
-        const refreshToken = useAuthStore.getState().refreshToken;
-
-        if (!refreshToken) {
-          // No refresh token - redirect to login
-          useAuthStore.getState().clearAuth();
-          if (typeof window !== 'undefined') {
-            window.location.href = '/login';
-          }
-          return Promise.reject(error);
-        }
-
-        // Attempt to refresh tokens
-        const response = await axios.post(
-          `${process.env.NEXT_PUBLIC_API_BASE_URL}/api/v1/auth/refresh`,
-          { refresh_token: refreshToken },
-          {
-            headers: {
-              'Content-Type': 'application/json',
-            },
-          }
-        );
-
-        const { access_token, refresh_token } = response.data;
-
-        // Update tokens in store
-        useAuthStore.getState().setTokens(access_token, refresh_token);
-
-        // Retry original request with new token
-        if (originalRequest.headers) {
-          originalRequest.headers.Authorization = `Bearer ${access_token}`;
-        }
-
-        return apiClient.request(originalRequest);
-      } catch (refreshError) {
-        // Refresh failed - clear auth and redirect to login
-        console.error('Token refresh failed:', refreshError);
-        useAuthStore.getState().clearAuth();
-        if (typeof window !== 'undefined') {
-          window.location.href = '/login';
-        }
-        return Promise.reject(refreshError);
-      }
-    }
-
-    // Handle 403 Forbidden
-    if (error.response?.status === 403) {
-      console.warn('Access forbidden - insufficient permissions');
-      // You might want to show a toast here
-    }
-
-    // Handle 429 Too Many Requests
-    if (error.response?.status === 429) {
-      console.warn('Rate limit exceeded');
-      // You might want to show a toast with retry time
-      const retryAfter = error.response.headers['retry-after'];
-      if (retryAfter) {
-        console.log(`Retry after ${retryAfter} seconds`);
-      }
-    }
-
-    // Handle 500+ Server Errors
-    if (error.response?.status && error.response.status >= 500) {
-      console.error('Server error occurred');
-      // You might want to show a generic error toast
-    }
-
-    // Handle Network Errors
-    if (!error.response) {
-      console.error('Network error - check your connection');
-      // You might want to show a network error toast
-    }
-
-    // Parse and reject with structured error
-    const parsedErrors = parseAPIError(error);
-    return Promise.reject(parsedErrors);
-  }
-);
-
-export default apiClient;

frontend/src/lib/api/client.ts

@@ -6,7 +6,7 @@
 import axios, { AxiosError, AxiosRequestConfig, InternalAxiosRequestConfig } from 'axios';
 import { useAuthStore } from '@/stores/authStore';
 import { parseAPIError, type APIErrorResponse } from './errors';
-import config from '@/config';
+import config from '@/config/app.config';
 
 /**
  * Separate axios instance for auth endpoints