1. INTRODUCTION
This is the technical specification for FlowGuide. If you have any questions, please do not hesitate to contact
support@mudlify.com.
2. SYSTEM ARCHITECTURE
2.1. System Architecture Diagram
2.2. Vercel
Vercel is a hosting platform used for hosting Flowguide and its assets: fonts, images, icons, favicon and company logos. Vercel will generate and assign an SSL certificate automatically for every domain added to a project, regardless of whether the domain is registered through Vercel or not. All certificates have an expiry date when they are created and therefore, need to be renewed before the expiry date in order for your domain to continue to work properly. Vercel attempts to renew certificates automatically within a 14-30 day period before it expires.
2.3. MongoDb
MongoDb Atlas is a multi-cloud developer data platform. It is used by FlowGuide to Create, Read, Update and Delete data.
The data consists of:
2.4. AWS S3 Bucket
Amazon Simple Storage Service (S3) is an object storage service. FlowGuide requires the use of 2 buckets:
2.5. 3rd Party Video Hosting
FlowGuide uses video embed URL to display videos from external 3rd Party Video Hosting (using Vimeo and YouTube embed URL).
2.6. Google Maps
FlowGuide uses Google Maps embed URL to display an interactive map.
3. TECHNOLOGY STACK
Below is a set of technologies used to run FlowGuide:
4. SECURITY CONSIDERATIONS
4.1 Authentication
FlowGuide uses an email-password combination for user authentication. The authentication process involves the following:
4.2. Authorisation
Authorisation is managed using Role-Based Access Control.
By implementing these authentication and authorisation mechanisms, the application ensures secure access to user data and resources.
5. SSL CERTIFICATES
To ensure secure communication and protect data integrity between clients and the web server, the application uses SSL/TLS certificates. The following measures are implemented:
5.1. SSL/TLS Encryption:
5.2. Certificate Management:
Automatic Renewal: The SSL certificate is set to automatically renew before its expiration date to avoid service disruptions and maintain continuous security.
6. VULNERABILITY MANAGEMENT: MONGODB ATLAS
MongoDB Atlas: MongoDB Atlas is a managed NoSQL database. It prevents injection attacks by:
Parameterized Queries: MongoDB drivers support parameterized queries, which ensure user input is treated as data, not executable code. This prevents injection attacks.
Access Control and Authentication: MongoDB Atlas provides strong authentication and role-based access controls, reducing the risk of unauthorised data access.
7. DEPLOYMENT AND HOSTING
7.1 Deploying GitHub Projects with Vercel
Vercel for GitHub automatically deploys your GitHub projects with Vercel, providing Preview Deployment URLs, and automatic Custom Domain updates. This seamless integration between GitHub and Vercel allows for continuous deployment without manual intervention.
7.2. Hosting Environment
FlowGuide is hosted on Vercel, a cloud platform optimised for front-end frameworks and static sites.
7.3. Environment Configuration
Environment-Specific Configurations:
By utilising Vercel for GitHub, the deployment pipeline is streamlined, ensuring fast, reliable, and automated deployments across different environments with little to no interruptions/downtime.
8. ERROR HANDLING AND LOGGING
In an event when an error occurs on the server side, FlowGuide logs the error in MongoDB Atlas. The error logged consists of the following: HTTP request method, date error occurred, the endpoint name and the error message.
Vercel continuously has runtime logs that are generated by Serverless and Edge Function invocations in both staging and production environments. These log results are shown in real-time and provide information about the output for functions as well as the console.log output. The retention time for log results is 1 day.
Westgate House, Ground Floor,
44 Hale Road,
Hale, Altrincham,
Cheshire,
WA14 2EX