OnRoad

Features

🖥️ Monorepo Setup

Our application adopts a monorepo architecture, consolidating backend and frontend code within a single repository. This streamlined approach facilitates efficient codebase management and simplifies the deployment process.

⚡ Zippy and Fast Frontend

Leveraging React.js and TypeScript, our frontend is engineered for speed and efficiency, ensuring an exceptional user experience. It is fully responsive and optimized for all devices, featuring Gzip-compressed static assets for enhanced transfer speeds.

📦 Microservices Architecture with End-to-End Dockerization

Built on a foundation of independent microservices, our application architecture allows for scalable components. Complete dockerization enables seamless operation across any environment with a simple docker-compose upcommand. Please note that running a stateful service like PostgreSQL in a container has its own limitations which you should be aware of in production.

🌐 Hasura GraphQL with Automated APIs

Utilizing Hasura, we generate GraphQL APIs that streamline API creation and management. Hasura enriches our application with role-based access control, real-time updates, and event triggers.

🔐 Advanced Authentication and Authorization ⭐️

Our authentication framework utilizes JWT tokens and supports various methods, all implemented from scratch, including:

• Username-password

• Magic-link

• Sign In With Google (Oauth2)

• PassKeys (WebAuthn API)

These methods work together seamlessly to ensure robust security. The framework employs long-lived refresh tokens and short-lived access tokens to enhance security and maintain user sessions efficiently.

💾 Closer to Database Layer

Our application maximizes database utilization for optimal performance, leveraging triggers, defaults, constraints, and indexes. This approach enhances scalability and framework agnosticism.

🔄 Automated DB Backups

Regular database backups are automated via a cron job, ensuring data integrity and recoverability in any eventuality.

🛡️ Security and Privacy

Dedicated to user privacy and security, our application implements robust measures like CSRF, XSS protection, and CORS. Tight API security through RBACs and network isolation safeguards against unauthorized access.

🚦 Rate Limiting

API rate limiting, enforced at the API gateway level (Caddy), prevents misuse and ensures stable application performance.

📬 Message Queues and Brokers for Asynchronous Processing

Asynchronous tasks such as email sending and future image processing are efficiently managed via RabbitMQ and the DramatiQ library, maintaining an uninterrupted user experience.

🚀 CI/CD

Our deployment process is automated through GitLab CI/CD, facilitating seamless transitions from staging to production on DigitalOcean Droplets.

📊 User Analytics

Employing Umami for user analytics allows us to understand user behaviors and make informed decisions, prioritizing privacy.

📁 AWS S3 for File Storage

AWS S3 is our choice for secure and accessible user file storage, ensuring data safety and availability.

🐛 Sentry for Error Tracking and Metrics

Sentry aids in identifying and resolving application errors, offering valuable insights into performance metrics.

🤖 ChatGPT for Development

ChatGPT has played a significant role in developing our application, demonstrating the power of precise prompts in achieving desired outcomes and fostering a deeper understanding of our technology stack.

High Level System Design (HLD)