shijiezhou1/Architecture

## Architecture
# Backend Architecture (Design Proposal)

[AWS DEMO](https://gist.githubusercontent.com/shijiezhou1/62de971da9cb8795a974739b11c4933b/raw/1eed6338564390bb697321c8163acb6214d6d107/aws.jpg)

Please provide a visualization with a detailed explanation on the client-server architecture proposed.

## API Gateway Integration

- To satisfy and meet the requirements, the backend for the software is using Amazon API Gateway which provides fully managed service. For example, it allows users to publish, create, monitor, and secure all APIs on any scale. Since they do not introduce the concepts of RPC even it was way faster than restful, we will just stick with RESTful, HTTP/HTTPs and Web-socket API.

- Amazon API Gateway will be the front door that makes all the connection to database and business logic much easier within the AWS’s environment. Also, it provides a more flexible authentication and authorization method with the AWS API gateway. If we want to customize it, a Lambda integration will be more helpful because it makes each API return what it describes.

```
api/products
```

- For example, the above endpoint will send out the request to the API endpoint `/products` and it will process all the logic through the Lambda, after several executions and actions, it should returns the object that we look at for.

```
{
 car: {
       title: “Saturn”,
  type: “automatic”,
  win: “FBKYO1tUJc_rT5OjzkUva7WoaJX-YxSFwBDy0nFRB”
    }
 }
```

- Also, there built-in feature Amazon CloudFront can help the backend service to pick the best location globally based on the region. For example, if the user’s IP most of them from the United States, the service will be deployed near the server in the United States, so it reduces the latency which it is using the content delivery network (CDN).

## Database and Analytics Integration

The database will be using the built-in Amazon DynamoDB which will be easy to scale and manage. The benefit of using DynamoDB because it works great with lambda functions that drive events from AWS resources such as provide event streams and event notification to different some applications. And the backup and restore service is also provided from Amazon DynamoDB. When the data is accidentally broken, it can roll back to the last backup to reduce the cost and lose with the use of `AWS Data Pipeline`. However, each server will have different access control to the DynamoDB resource or API member. `Amazon IAM` provides the configuration for the different APIs or applications to access the dynamo DB based on the right permission. Since each request requires a signature `HMAC-SHA256`. It will have to be matched with the private key from decrypt.

- However, in some cases, the `Amazon Aurora` will also require because when dealing with multiple transactions and information to the vendor. How the order creates relative to the information of the user. Yet, Amazon relational database service only good for a strong relationship between many different tables. for those order queues, the DynamoDB will be enough to serve because it recorder the order based on the first come first server.
- With the database migration, we can use the version control throw the database.

```
var rds = new AWS.RDS({apiVersion: '2020-01-01’});
```

- The Amazon Aurora will be fully manager by (RDS), such as backing up the database to S3.
- For the user to log in or remind the user session, we applied the `Amazon ElastiCache for Redis` which it can store more of the common information when re-access to the duplicated content .
- In order to delivers and provide everything admins need, the `Amazon Data Lakes` is the tool to handle all the analytics and machine learning services. It collects all the data and dumps in the same pool, and with the open-source engines that they used like `Spark or Hive`.

## Notification Center

- Since we use `AWS Lambda`, it enables the service to push notification, and `Amazon Simple Notification Service` will provide the abilities to manage pub/sub message from whatever AWS distribute from.
- The mobile application will have the message listener to keep track when the message center receives any message from the publisher. Also, the message center can filter or organize to whatever devices should receive the message based on the platform.

## Server Authentication & Validation

- The top layer of the authentication will be APIs authentication, each request will use encrypt token either bearer or access token type. The front end and backend should exchange authorization code, according to the [Auh0](https://auth0.com/docs/flows/guides/auth-code-pkce/call-api-auth-code-pkce) Authorization Code Flow with Proof Key for Code Exchange(PKCE). This is the standard for front end and backend communicate with each other.
- Reference see: [rfc8252 - 4.1](https://tools.ietf.org/html/rfc8252#section-4.1)
- For the server authentication and validation part, each server will use the service account to send a request to each other. The part can be also managed by the `Amazon IAM` to manage the request permission between each server.
- Therefore, to validate the user with the access IP address or any information, `AWS Mfa` can make it simple by sending SMS or email validation.

## Logger System

- If the application is using fully AWS services like Lambda function, microService, or any cloud function, the `AWS Logger System` can provide the easy implementation guide across all the logic and business flow. The logging architecture in Amazon has the integration of `Amazon CloudWatch` add to Amazon ES domain. It has Kibana dashboard to monitor all the data visualization and provides the information from the request/ response etc.

## Data Synchronization

- Some solutions for dealing with the replication request from users to login in two different devices, but making the change on mobile. It should also affect the desktop application as well. The `Amazon ElastiCache service` can handle data duplication issues. When there is a request already made on the phone. All we want to do is to store the requests to `Amazon ElastiCache`. And expire those activities within the day or once they logout. The cache will make sure the same request won’t making twice once the response is issued from the service. The Amazon ElastiCache will be the clock to keep track of each request from different devices. We know each device will login with a different token, but they used the same user account. The only difference is to filter the duplication requests from the same user id.

## Offline System

- One of the features from `AWS AppSync` can help the application to access local data when the device or internet is down. The local store serves as autosave all the action, user behavior, and provide local data access permission. The application local store will be detected to action once the internet reconnected.
- The other option is using the `AWS Amplify` which it functions the same way as `AppSync`

## Optimization Network

- API level: caching the response when it makes from the same requests. The API Gateway Caching some of the responses basic on the parameters, and reduce the same request when loading the same categories or list of stuff.
- The most time-consuming stuff is loading the image from the internet, and that will cost a lot of time basis on the lighthouse dev tools in Chrome. However, when the request is made by different sizes of devices, it can be using the request attributes to filter whatever device the user is sending the request to. If they use a mobile phone, the return image should not be large the size of their screen because it is waste the bandwidth and network connection.
- Also, the request can be compressed as Gzip when lambda returns the response, and then unzip it in the front end to reduce the time consumption.
- The monitor of EC2 performance can consider a big part of the environment. The EC2 can be tested based on the load condition, request speed and response time, etc.

## aws.jpg

      
    Raw
  

              aws.jpg
	# Backend Architecture (Design Proposal)

	[AWS DEMO](https://gist.githubusercontent.com/shijiezhou1/62de971da9cb8795a974739b11c4933b/raw/1eed6338564390bb697321c8163acb6214d6d107/aws.jpg)

	Please provide a visualization with a detailed explanation on the client-server architecture proposed.

	## API Gateway Integration

	- To satisfy and meet the requirements, the backend for the software is using Amazon API Gateway which provides fully managed service. For example, it allows users to publish, create, monitor, and secure all APIs on any scale. Since they do not introduce the concepts of RPC even it was way faster than restful, we will just stick with RESTful, HTTP/HTTPs and Web-socket API.

	- Amazon API Gateway will be the front door that makes all the connection to database and business logic much easier within the AWS’s environment. Also, it provides a more flexible authentication and authorization method with the AWS API gateway. If we want to customize it, a Lambda integration will be more helpful because it makes each API return what it describes.

	```
	api/products
	```

	- For example, the above endpoint will send out the request to the API endpoint `/products` and it will process all the logic through the Lambda, after several executions and actions, it should returns the object that we look at for.

	```
	{
	car: {
	title: “Saturn”,
	type: “automatic”,
	win: “FBKYO1tUJc_rT5OjzkUva7WoaJX-YxSFwBDy0nFRB”
	}
	}
	```

	- Also, there built-in feature Amazon CloudFront can help the backend service to pick the best location globally based on the region. For example, if the user’s IP most of them from the United States, the service will be deployed near the server in the United States, so it reduces the latency which it is using the content delivery network (CDN).

	## Database and Analytics Integration

	The database will be using the built-in Amazon DynamoDB which will be easy to scale and manage. The benefit of using DynamoDB because it works great with lambda functions that drive events from AWS resources such as provide event streams and event notification to different some applications. And the backup and restore service is also provided from Amazon DynamoDB. When the data is accidentally broken, it can roll back to the last backup to reduce the cost and lose with the use of `AWS Data Pipeline`. However, each server will have different access control to the DynamoDB resource or API member. `Amazon IAM` provides the configuration for the different APIs or applications to access the dynamo DB based on the right permission. Since each request requires a signature `HMAC-SHA256`. It will have to be matched with the private key from decrypt.

	- However, in some cases, the `Amazon Aurora` will also require because when dealing with multiple transactions and information to the vendor. How the order creates relative to the information of the user. Yet, Amazon relational database service only good for a strong relationship between many different tables. for those order queues, the DynamoDB will be enough to serve because it recorder the order based on the first come first server.
	- With the database migration, we can use the version control throw the database.

	```
	var rds = new AWS.RDS({apiVersion: '2020-01-01’});
	```

	- The Amazon Aurora will be fully manager by (RDS), such as backing up the database to S3.
	- For the user to log in or remind the user session, we applied the `Amazon ElastiCache for Redis` which it can store more of the common information when re-access to the duplicated content .
	- In order to delivers and provide everything admins need, the `Amazon Data Lakes` is the tool to handle all the analytics and machine learning services. It collects all the data and dumps in the same pool, and with the open-source engines that they used like `Spark or Hive`.

	## Notification Center

	- Since we use `AWS Lambda`, it enables the service to push notification, and `Amazon Simple Notification Service` will provide the abilities to manage pub/sub message from whatever AWS distribute from.
	- The mobile application will have the message listener to keep track when the message center receives any message from the publisher. Also, the message center can filter or organize to whatever devices should receive the message based on the platform.

	## Server Authentication & Validation

	- The top layer of the authentication will be APIs authentication, each request will use encrypt token either bearer or access token type. The front end and backend should exchange authorization code, according to the [Auh0](https://auth0.com/docs/flows/guides/auth-code-pkce/call-api-auth-code-pkce) Authorization Code Flow with Proof Key for Code Exchange(PKCE). This is the standard for front end and backend communicate with each other.
	- Reference see: [rfc8252 - 4.1](https://tools.ietf.org/html/rfc8252#section-4.1)
	- For the server authentication and validation part, each server will use the service account to send a request to each other. The part can be also managed by the `Amazon IAM` to manage the request permission between each server.
	- Therefore, to validate the user with the access IP address or any information, `AWS Mfa` can make it simple by sending SMS or email validation.

	## Logger System

	- If the application is using fully AWS services like Lambda function, microService, or any cloud function, the `AWS Logger System` can provide the easy implementation guide across all the logic and business flow. The logging architecture in Amazon has the integration of `Amazon CloudWatch` add to Amazon ES domain. It has Kibana dashboard to monitor all the data visualization and provides the information from the request/ response etc.

	## Data Synchronization

	- Some solutions for dealing with the replication request from users to login in two different devices, but making the change on mobile. It should also affect the desktop application as well. The `Amazon ElastiCache service` can handle data duplication issues. When there is a request already made on the phone. All we want to do is to store the requests to `Amazon ElastiCache`. And expire those activities within the day or once they logout. The cache will make sure the same request won’t making twice once the response is issued from the service. The Amazon ElastiCache will be the clock to keep track of each request from different devices. We know each device will login with a different token, but they used the same user account. The only difference is to filter the duplication requests from the same user id.

	## Offline System

	- One of the features from `AWS AppSync` can help the application to access local data when the device or internet is down. The local store serves as autosave all the action, user behavior, and provide local data access permission. The application local store will be detected to action once the internet reconnected.
	- The other option is using the `AWS Amplify` which it functions the same way as `AppSync`

	## Optimization Network

	- API level: caching the response when it makes from the same requests. The API Gateway Caching some of the responses basic on the parameters, and reduce the same request when loading the same categories or list of stuff.
	- The most time-consuming stuff is loading the image from the internet, and that will cost a lot of time basis on the lighthouse dev tools in Chrome. However, when the request is made by different sizes of devices, it can be using the request attributes to filter whatever device the user is sending the request to. If they use a mobile phone, the return image should not be large the size of their screen because it is waste the bandwidth and network connection.
	- Also, the request can be compressed as Gzip when lambda returns the response, and then unzip it in the front end to reduce the time consumption.
	- The monitor of EC2 performance can consider a big part of the environment. The EC2 can be tested based on the load condition, request speed and response time, etc.