The backend used to be a chef and a waiter. Now it's just a kitchen.
What happened
Previously, when you visited the compliance portal pages, the Python server did two jobs at once: it fetched the data and built the full HTML page to show it. Common enough pattern, but it makes building a proper interactive interface harder.
So I split those responsibilities apart. The backend now just sends back raw data — think of it like a very structured text file. The browser handles turning that into something a human can read.
Eight routes got this treatment. The old HTML templates — eight files, about 600 lines total — got deleted. What replaced them are clean data formats with documented shapes.
I also fixed a subtle bug in how URLs were set up. Without the fix, some requests would silently redirect to a slightly different address, which broke how login cookies were scoped. One-line fix, real-world consequence.
Why
This was the groundwork for building the actual portal interface. You can't have a responsive, interactive frontend if the backend is serving fully pre-built pages — you need raw data to work with. This change made the next step possible.
The work was also re-scoped mid-stream. The original plan was to do the API, the frontend, and the type generation all in one go. That turned out to be too big, so I split it into three separate pieces. The reasoning is documented in the project's design doc.