iamcoolvivek007/bharath
1
0
Fork 0
mirror of http://forgejo-oa09toasww4dgii9cj3gpzda.187.127.164.61.sslip.io/iamcoolvivek007/bharath.git synced 2026-06-11 00:06:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
bharath/docs/architecture/TECHNICAL_ARCHITECTURE.md
Vivek 394117dd74 BharathTrucks MVP - 6 sprints complete 
- Govt-app styled freight marketplace
- Role-based auth (driver/shipper/broker/admin)
- Load board with bidding system
- Trip tracking with status flow
- In-app messaging
- Admin panel
- Mobile bottom nav + PWA
- Docker + Coolify ready
2026-05-31 06:21:13 +00:00

279 lines
13 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# BharathTrucks — Technical Architecture Document
**Version:** 1.0
**Date:** 2026-05-31
---
## 1. Architecture Overview
```
┌─────────────────────────────────────────────────────────┐
│ bharathtrucks.com │
│ (Cloudflare DNS/CDN) │
└─────────────────────┬───────────────────────────────────┘
┌─────────────────────▼───────────────────────────────────┐
│ Hostinger VPS (Coolify) │
│ ┌────────────────────────────────────────────────────┐ │
│ │ Docker Container │ │
│ │ ┌──────────────────────────────────────────────┐ │ │
│ │ │ Node.js + Express Server │ │ │
│ │ │ │ │ │
│ │ │ ┌─────────┐ ┌──────────┐ ┌───────────┐ │ │ │
│ │ │ │ Routes │ │ Views │ │Middleware │ │ │ │
│ │ │ │(Express)│ │ (EJS) │ │(Auth/Rate)│ │ │ │
│ │ │ └────┬────┘ └──────────┘ └───────────┘ │ │ │
│ │ │ │ │ │ │
│ │ │ ┌────▼────────────────────────────────────┐ │ │ │
│ │ │ │ Controllers │ │ │ │
│ │ │ └────┬────────────────────────────────────┘ │ │ │
│ │ │ │ │ │ │
│ │ │ ┌────▼────────────────────────────────────┐ │ │ │
│ │ │ │ Service Layer │ │ │ │
│ │ │ └────┬────────────────────────────────────┘ │ │ │
│ │ └───────┼──────────────────────────────────────┘ │ │
│ └──────────┼─────────────────────────────────────────┘ │
└─────────────┼────────────────────────────────────────────┘
┌─────────────▼────────────────────────────────────────────┐
│ Supabase (Cloud) │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌─────────┐ │
│ │PostgreSQL│ │ Auth │ │ Storage │ │Realtime │ │
│ │(Database)│ │ (OTP) │ │ (Files) │ │ (WS) │ │
│ └──────────┘ └──────────┘ └──────────┘ └─────────┘ │
└───────────────────────────────────────────────────────────┘
```
---
## 2. Technology Stack
| Layer | Technology | Justification |
|-------|-----------|---------------|
| **Runtime** | Node.js 20 LTS | Fast, async I/O, large ecosystem |
| **Framework** | Express.js 4.x | Minimal, flexible, well-documented |
| **Views** | EJS | Server-rendered (SEO, fast on 3G, no JS required) |
| **Database** | Supabase PostgreSQL | Managed, free tier, built-in auth |
| **Auth** | Supabase Auth (Phone OTP) | India-native phone-first auth |
| **File Storage** | Supabase Storage | Documents, profile photos |
| **Realtime** | Supabase Realtime | Live bid updates, notifications |
| **CSS** | Custom CSS | Full control for govt-app aesthetic |
| **PWA** | Service Worker + Manifest | Installable, offline caching |
| **Container** | Docker | Consistent deployment |
| **Orchestration** | Coolify | Self-hosted PaaS on Hostinger VPS |
| **CDN/DNS** | Cloudflare | Free SSL, caching, DDoS protection |
| **Domain** | bharathtrucks.com | Brand identity |
---
## 3. Application Structure
```
bharathtrucks/
├── webapp/
│ ├── src/
│ │ ├── app.js # Express app setup
│ │ ├── server.js # Server entry point
│ │ ├── routes/
│ │ │ ├── index.js # Route aggregator
│ │ │ ├── auth.routes.js # Login, register, OTP
│ │ │ ├── load.routes.js # Load CRUD, search
│ │ │ ├── bid.routes.js # Bidding operations
│ │ │ ├── driver.routes.js # Driver dashboard
│ │ │ ├── shipper.routes.js # Shipper dashboard
│ │ │ ├── broker.routes.js # Broker dashboard
│ │ │ ├── admin.routes.js # Admin panel
│ │ │ └── web.routes.js # Marketing pages
│ │ ├── controllers/
│ │ │ ├── auth.controller.js
│ │ │ ├── load.controller.js
│ │ │ ├── bid.controller.js
│ │ │ ├── driver.controller.js
│ │ │ ├── shipper.controller.js
│ │ │ ├── broker.controller.js
│ │ │ └── admin.controller.js
│ │ ├── services/
│ │ │ ├── supabase.js # Supabase client init
│ │ │ ├── auth.service.js # Auth logic
│ │ │ ├── load.service.js # Load business logic
│ │ │ ├── bid.service.js # Bid business logic
│ │ │ └── notification.service.js
│ │ ├── middleware/
│ │ │ ├── auth.middleware.js # Session validation
│ │ │ ├── role.middleware.js # Role-based access
│ │ │ ├── rate.middleware.js # Rate limiting (bids/day)
│ │ │ └── error.middleware.js
│ │ ├── views/
│ │ │ ├── layouts/
│ │ │ │ └── main.ejs # Base layout
│ │ │ ├── pages/
│ │ │ │ ├── landing.ejs
│ │ │ │ ├── login.ejs
│ │ │ │ ├── register.ejs
│ │ │ │ ├── loadboard.ejs
│ │ │ │ ├── driver-dashboard.ejs
│ │ │ │ ├── shipper-dashboard.ejs
│ │ │ │ ├── broker-dashboard.ejs
│ │ │ │ └── admin-dashboard.ejs
│ │ │ └── partials/
│ │ │ ├── header.ejs
│ │ │ ├── footer.ejs
│ │ │ ├── nav.ejs
│ │ │ └── load-card.ejs
│ │ ├── public/
│ │ │ ├── css/
│ │ │ │ ├── main.css # Global styles
│ │ │ │ ├── govt-theme.css # Govt-app aesthetic
│ │ │ │ └── components.css # Reusable components
│ │ │ ├── js/
│ │ │ │ ├── app.js # Client-side logic
│ │ │ │ └── sw.js # Service Worker
│ │ │ ├── images/
│ │ │ └── manifest.json # PWA manifest
│ │ └── config/
│ │ ├── env.js # Environment config
│ │ └── constants.js # App constants
│ ├── package.json
│ ├── Dockerfile
│ ├── .env.example
│ └── .dockerignore
├── docker/
│ └── docker-compose.yml
├── scripts/
│ └── seed.js # DB seed data
├── docs/
└── README.md
```
---
## 4. Authentication Flow
```
User (Phone) → Enter Number → Supabase OTP → Verify Code → Session Created
┌───────────────┼───────────────┐
│ │ │
New User? Existing User Admin?
│ │ │
Role Selection Dashboard Admin Panel
Profile Setup
Dashboard
```
- **Session:** Supabase JWT stored in httpOnly cookie
- **Role check:** Middleware reads user role from `profiles` table
- **Rate limiting:** Free users get 5 bids/day (tracked in DB)
---
## 5. Data Flow — Load Lifecycle
```
Shipper Posts Load → Load Board (visible to all)
Drivers Browse
Driver Bids (price + ETA)
Shipper Reviews Bids
Accepts Best Bid
┌───────────┼───────────┐
│ │
Driver Notified Load Status: "Booked"
Trip Starts → In Transit → Delivered
Payment (UPI link) → Confirmed → Complete
```
---
## 6. Security Architecture
| Layer | Measure |
|-------|---------|
| Transport | HTTPS via Cloudflare SSL |
| Auth | Supabase JWT + httpOnly cookies |
| Sessions | Server-side validation on every request |
| Input | Sanitization + validation (express-validator) |
| SQL | Parameterized queries via Supabase client |
| Rate Limiting | express-rate-limit (API) + DB-level (bids) |
| CORS | Restricted to bharathtrucks.com |
| Headers | Helmet.js security headers |
| File Upload | Type + size validation, Supabase Storage |
| Admin | Separate auth flow, IP whitelist optional |
---
## 7. Performance Strategy
| Technique | Implementation |
|-----------|---------------|
| Server-side rendering | EJS — no client-side framework overhead |
| Minimal JS | Progressive enhancement, no SPA |
| Image optimization | WebP, lazy loading, CDN-cached |
| Database | Indexed queries, connection pooling |
| Caching | Cloudflare page rules for static assets |
| PWA | Service Worker caches shell + recent loads |
| Compression | gzip via Express compression middleware |
| Bundle size | No framework = ~5KB JS total |
**Target:** < 3 second full page load on 3G connection
---
## 8. Scalability Plan
| Users | Infrastructure |
|-------|---------------|
| 01000 | Single Hostinger VPS (4GB RAM), Supabase free tier |
| 10005000 | Upgrade VPS (8GB), Supabase Pro |
| 500020000 | Add Redis caching, CDN optimization |
| 20000+ | Horizontal scaling (multiple containers), dedicated DB |
---
## 9. Third-Party Integrations
| Service | Purpose | Phase |
|---------|---------|-------|
| Supabase | DB + Auth + Storage + Realtime | Phase 1 |
| Cloudflare | CDN + DNS + SSL | Phase 1 |
| WhatsApp API (wa.me links) | Share loads | Phase 1 |
| SMS Gateway (MSG91/Twilio) | Critical notifications | Phase 2 |
| Razorpay/UPI | Payment processing | Phase 2 |
| Google Maps API | Route visualization | Phase 2 |
---
## 10. Environment Configuration
```env
# Server
NODE_ENV=production
PORT=3000
# Supabase
SUPABASE_URL=https://xxx.supabase.co
SUPABASE_ANON_KEY=eyJ...
SUPABASE_SERVICE_KEY=eyJ...
# App
APP_URL=https://bharathtrucks.com
SESSION_SECRET=xxx
RATE_LIMIT_BIDS_PER_DAY=5
# Optional (Phase 2)
SMS_API_KEY=xxx
RAZORPAY_KEY=xxx
```
---
*This architecture prioritizes simplicity, speed, and low-cost operation while supporting growth to 20K+ users.*
Reference in a new issue View git blame Copy permalink