TDvorak/1356
1
0
Fork 0
mirror of https://github.com/Dvorinka/1356.git synced 2026-06-04 12:02:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Initial commit: Project documentation and git setup

Browse Source
This commit is contained in:
Tomas Dvorak
2026-01-03 18:35:35 +01:00
commit 1639de69d4
51 changed files with 5005 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
architecture.md
+92
View File
@@ -0,0 +1,92 @@
# LifeTimer  Technical Architecture
This document describes how the Flutter app and Supabase backend are structured.
## 1. Overall approach
- Mobile first, built with Flutter for Android and iOS.
- Supabase used for authentication, Postgres database, storage, and real time features.
- MVVM or Clean Architecture style separation
- Presentation, screens and widgets.
- View models, state management using Provider or Riverpod.
- Data layer, repositories that talk to Supabase clients.
## 2. Flutter project structure
Suggested feature based folder layout
- lib
- core
- theme, routing, localization, error handling, utilities
- data
- supabase client setup, repositories, models, mappers
- features
- auth
- onboarding
- goals
- countdown
- social
- profile
- settings
- analytics
Each feature contains its own presentation widgets, view models, and sub repositories where needed.
## 3. Data flow
- UI widgets send user intents to view models.
- View models call repositories for data access or mutations.
- Repositories call Supabase client methods
- auth api for login, logout, and account management
- Postgres queries or rpc calls for business data
- storage for media uploads
- realtime channels for live updates
- Results flow back up through view models to update state and rebuild widgets.
## 4. Supabase integration
- Single Supabase client instance configured at app start.
- Environment configuration uses separate projects or keys for development, staging, and production.
- Row Level Security used to protect tables so that users only see their own data, unless a profile is explicitly marked public, in which case only a limited subset of non sensitive fields is readable by others.
- Edge functions may be added later for
- computed metrics
- scheduled notifications
- heavy or sensitive operations.
## 5. Offline and caching
- Local persistence of last known state for
- active countdown values
- list of goals and their progress
- Use local database or key value storage package such as Hive or Shared Preferences for small amounts of data.
- Mark pending writes and retry them when connectivity is back.
## 6. Error handling and logging
- Centralized error handler that maps Supabase and network errors to user friendly messages.
- Non fatal errors are logged to an analytics or crash reporting service.
- Critical failures show a fallback screen with safe retry options.
## 7. Testing
- Unit tests for
- countdown calculations
- rules around starting and locking the countdown
- goal progress calculations
- Widget tests for
- goal cards
- countdown screen
- onboarding flow
- Basic integration tests for sign up, creating goals, and starting the countdown.
## 8. Security and privacy architecture
- Use Supabase Auth for all authentication; never store passwords or session tokens outside the auth system.
- Ship only the public anon key in the mobile app; keep the service role key strictly on the server or in Supabase Edge Functions.
- Enforce Row Level Security on all tables, with policies that
- restrict reads and writes to `auth.uid()` for private accounts;
- allow limited read only access to selected fields when `users.is_public_profile = true`.
- Store access tokens only in platform secure storage APIs and never log them.
- Validate all untrusted input on the server side and avoid constructing dynamic SQL from user data.
- Minimize personally identifiable information stored in the database and support account deletion.
- Use structured logging that avoids sensitive fields and route logs to a secure destination.