TDvorak/1356
1
0
Fork 0
mirror of https://github.com/Dvorinka/1356.git synced 2026-06-03 19:42:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
8e83c308402b77215f8d96289ba1ffad21034c1d
1356/architecture.md
T
Tomas Dvorak 1639de69d4 Initial commit: Project documentation and git setup
2026-01-03 18:35:35 +01:00

3.7 KiB
Raw History

LifeTimer  Technical Architecture

This document describes how the Flutter app and Supabase backend are structured.

1. Overall approach

  • Mobile first, built with Flutter for Android and iOS.
  • Supabase used for authentication, Postgres database, storage, and real time features.
  • MVVM or Clean Architecture style separation
    • Presentation, screens and widgets.
    • View models, state management using Provider or Riverpod.
    • Data layer, repositories that talk to Supabase clients.

2. Flutter project structure

Suggested feature based folder layout

  • lib
    • core
      • theme, routing, localization, error handling, utilities
    • data
      • supabase client setup, repositories, models, mappers
    • features
      • auth
      • onboarding
      • goals
      • countdown
      • social
      • profile
      • settings
      • analytics

Each feature contains its own presentation widgets, view models, and sub repositories where needed.

3. Data flow

  • UI widgets send user intents to view models.
  • View models call repositories for data access or mutations.
  • Repositories call Supabase client methods
    • auth api for login, logout, and account management
    • Postgres queries or rpc calls for business data
    • storage for media uploads
    • realtime channels for live updates
  • Results flow back up through view models to update state and rebuild widgets.

4. Supabase integration

  • Single Supabase client instance configured at app start.
  • Environment configuration uses separate projects or keys for development, staging, and production.
  • Row Level Security used to protect tables so that users only see their own data, unless a profile is explicitly marked public, in which case only a limited subset of non sensitive fields is readable by others.
  • Edge functions may be added later for
    • computed metrics
    • scheduled notifications
    • heavy or sensitive operations.

5. Offline and caching

  • Local persistence of last known state for
    • active countdown values
    • list of goals and their progress
  • Use local database or key value storage package such as Hive or Shared Preferences for small amounts of data.
  • Mark pending writes and retry them when connectivity is back.

6. Error handling and logging

  • Centralized error handler that maps Supabase and network errors to user friendly messages.
  • Non fatal errors are logged to an analytics or crash reporting service.
  • Critical failures show a fallback screen with safe retry options.

7. Testing

  • Unit tests for
    • countdown calculations
    • rules around starting and locking the countdown
    • goal progress calculations
  • Widget tests for
    • goal cards
    • countdown screen
    • onboarding flow
  • Basic integration tests for sign up, creating goals, and starting the countdown.

8. Security and privacy architecture

  • Use Supabase Auth for all authentication; never store passwords or session tokens outside the auth system.
  • Ship only the public anon key in the mobile app; keep the service role key strictly on the server or in Supabase Edge Functions.
  • Enforce Row Level Security on all tables, with policies that
    • restrict reads and writes to auth.uid() for private accounts;
    • allow limited read only access to selected fields when users.is_public_profile = true.
  • Store access tokens only in platform secure storage APIs and never log them.
  • Validate all untrusted input on the server side and avoid constructing dynamic SQL from user data.
  • Minimize personally identifiable information stored in the database and support account deletion.
  • Use structured logging that avoids sensitive fields and route logs to a secure destination.
Reference in New Issue View Git Blame Copy Permalink