Task Manager Pro - Architecture Diagrams

🏗️ 1. System Overview

High-level architecture showing all components and integrations

📊 High-Level System Architecture

graph TB subgraph Users["👥 Users"] Web[Web Browser] Mobile[Mobile PWA] end subgraph CDN["☁️ AWS CloudFront"] CF[CDN + SSL/TLS] end subgraph Frontend["🎨 Frontend"] React[React.js
Service Worker] end subgraph Backend["⚙️ Backend"] Spring[Spring Boot
REST API] end subgraph Database["💾 Database"] MariaDB[(MariaDB
AWS RDS)] end subgraph Auth["🔐 Authentication"] Google[Google OAuth 2.0] Facebook[Facebook OAuth 2.0] end subgraph Notifications["📬 Notifications"] SES[AWS SES
Email] SNS[AWS SNS
SMS] WebPush[Web Push API
VAPID] end subgraph Payments["💳 Payments"] Stripe[Stripe API] end Users --> CF CF --> React CF --> Spring Spring --> MariaDB Spring --> Google Spring --> Facebook Spring --> SES Spring --> SNS Spring --> WebPush Spring --> Stripe

Component	Technology	Purpose
Frontend	React.js + PWA	Progressive web application with offline support
Backend	Spring Boot	REST API with JWT authentication
Database	MariaDB (AWS RDS)	Primary data storage with automated backups
CDN	AWS CloudFront	Global content delivery with SSL/TLS

↑ Back to Table of Contents

🔵 2. Google OAuth 2.0 Flow

Authentication sequence using Google as identity provider

🔐 Google OAuth Sequence

sequenceDiagram autonumber participant U as 👤 User participant R as 🎨 React Frontend participant S as ⚙️ Spring Boot participant G as 🔵 Google OAuth U->>R: Click "Login with Google" R->>G: Redirect to Google OAuth U->>G: Enter Google credentials G->>R: Return Authorization Code R->>S: Send Auth Code to backend S->>G: Exchange code for tokens G->>S: Return ID token + Access token S->>S: Verify token, create/find user S->>S: Generate JWT token S->>R: Return JWT + User Info R->>R: Store JWT in localStorage R->>U: Show Dashboard

Configuration	Value
Authorization Endpoint	`https://accounts.google.com/o/oauth2/v2/auth`
Token Endpoint	`https://oauth2.googleapis.com/token`
Scopes	`openid`, `email`, `profile`
Redirect URI (Prod)	`https://taskmanager.sriinfosoft.com/oauth2/callback/google`

↑ Back to Table of Contents

🔵 3. Facebook OAuth 2.0 Flow

Authentication sequence using Facebook as identity provider

🔐 Facebook OAuth Sequence

sequenceDiagram autonumber participant U as 👤 User participant R as 🎨 React Frontend participant S as ⚙️ Spring Boot participant F as 🔵 Facebook OAuth U->>R: Click "Login with Facebook" R->>F: Redirect to FB OAuth Dialog U->>F: Approve permissions F->>R: Redirect with Auth Code R->>S: Send Auth Code to backend S->>F: Exchange code for access token F->>S: Return access token S->>F: GET /me?fields=id,name,email F->>S: Return user profile data S->>S: Create/find user, Generate JWT S->>R: Return JWT + User Info R->>U: Show Dashboard

Configuration	Value
Authorization Endpoint	`https://www.facebook.com/v18.0/dialog/oauth`
Token Endpoint	`https://graph.facebook.com/v18.0/oauth/access_token`
User Info Endpoint	`https://graph.facebook.com/me?fields=id,name,email`
Scopes	`email`, `public_profile`

↑ Back to Table of Contents

🔔 4. Push Notifications (Web Push API)

Browser push notifications using VAPID authentication

📲 Web Push Notification Flow

sequenceDiagram autonumber participant U as 👤 User participant SW as 🔧 Service Worker participant S as ⚙️ Spring Boot participant D as 💾 MariaDB participant WP as 🔔 Web Push Service Note over U,WP: === SUBSCRIPTION PHASE === U->>SW: Enable notifications SW->>U: Request permission U->>SW: Grant permission SW->>WP: Subscribe with VAPID public key WP->>SW: Return PushSubscription SW->>S: POST /api/push/subscribe S->>D: Store endpoint, p256dh_key, auth_key Note over U,WP: === NOTIFICATION PHASE (Scheduler) === S->>D: Query tasks due in 1 hour D->>S: Return task list S->>D: Get user push subscriptions D->>S: Return endpoint + keys S->>WP: Send push via VAPID (encrypted) WP->>SW: Deliver to Service Worker SW->>U: 🔔 "Task Due in 1 hour!"

Component	Technology
Protocol	Web Push API (RFC 8030)
Authentication	VAPID (Voluntary Application Server Identification)
Encryption	ECDH + AES-GCM
Backend Library	`webpush-java` (nl.martijndwars)
Frontend	Service Worker + Push API

↑ Back to Table of Contents

📱 5. SMS Notifications (AWS SNS)

SMS notifications for premium subscribers via AWS Simple Notification Service

📲 SMS Notification Flow

sequenceDiagram autonumber participant C as ⏰ Scheduler participant S as ⚙️ Spring Boot participant D as 💾 MariaDB participant SNS as 📱 AWS SNS participant U as 👤 User Phone C->>S: Trigger hourly check S->>D: Query tasks due in 1 hour D->>S: Return task list S->>D: Check user subscription plan D->>S: Plan: Pro, SMS: Enabled S->>D: Get user phone number D->>S: Return +1234567890 S->>SNS: SNS Publish SMS SNS->>U: 📲 "Task Due in 1 hour" S->>D: Log notification sent

Configuration	Value
AWS Region	`us-east-1`
SMS Type	Transactional
Sender ID	`TaskMgrPro`
Availability	Pro plan subscribers only

↑ Back to Table of Contents

📧 6. Email Notifications (AWS SES)

Daily digest and task reminder emails via AWS Simple Email Service

📬 Email Notification Flow

sequenceDiagram autonumber participant C as ⏰ Scheduler participant S as ⚙️ Spring Boot participant D as 💾 MariaDB participant SES as 📧 AWS SES participant U as 👤 User Email C->>S: Daily digest trigger (8 AM) S->>D: Query users with email enabled D->>S: Return user list S->>D: Query tasks due today per user D->>S: Return task list S->>S: Build HTML email template S->>SES: SES SendEmail API SES->>U: 📧 Daily Task Digest S->>D: Log email sent

Configuration	Value
From Address	`notifications@sriinfosoft.com`
Email Type	HTML with inline CSS
Schedule	Daily at 8:00 AM user timezone
Availability	All plans

↑ Back to Table of Contents

💳 7. Stripe Payment Integration

Subscription management with Stripe Checkout and webhooks

💰 Stripe Checkout Flow

sequenceDiagram autonumber participant U as 👤 User participant R as 🎨 React Frontend participant S as ⚙️ Spring Boot participant ST as 💳 Stripe API participant D as 💾 MariaDB U->>R: Select Pro Plan ($9.99/mo) R->>S: POST /api/stripe/create-checkout S->>ST: Create Checkout Session ST->>S: Return session URL S->>R: Return checkout URL R->>U: Redirect to Stripe Checkout U->>ST: Enter payment details ST->>U: Payment successful Note over ST,D: Webhook (async) ST->>S: POST /webhook (checkout.session.completed) S->>D: Update user subscription D->>D: Plan: Pro, Status: Active U->>R: Redirect back to app R->>S: GET /api/stripe/subscription S->>D: Query subscription status S->>R: Return Pro plan details R->>U: 🎉 Pro features unlocked!

Webhook Event	Action
`checkout.session.completed`	Activate subscription
`customer.subscription.created`	Log subscription start
`customer.subscription.updated`	Update plan/status
`customer.subscription.deleted`	Downgrade to Free
`invoice.payment_succeeded`	Log payment
`invoice.payment_failed`	Mark as past_due

↑ Back to Table of Contents

☁️ 8. AWS Infrastructure

Production cloud infrastructure on Amazon Web Services

🏢 AWS Cloud Architecture

graph TB subgraph Internet["🌐 Internet"] Users[👥 Users] end subgraph AWS["☁️ AWS Cloud (us-east-1)"] subgraph Edge["Edge Services"] Route53[Route 53
DNS] CloudFront[CloudFront
CDN + SSL] end subgraph Compute["Compute"] S3[S3 Bucket
React Frontend] EC2[EC2 Instance
Spring Boot] end subgraph Data["Data Layer"] RDS[(RDS MariaDB
Primary)] end subgraph Services["Supporting Services"] SES[SES - Email] SNS[SNS - SMS] Secrets[Secrets Manager] CloudWatch[CloudWatch Logs] S3_Backup[S3 - Backups] end end subgraph External["External Services"] Google[Google OAuth] Facebook[Facebook OAuth] Stripe[Stripe Payments] WebPush[Web Push Services] end Users --> Route53 Route53 --> CloudFront CloudFront --> S3 CloudFront --> EC2 EC2 --> RDS EC2 --> SES EC2 --> SNS EC2 --> Secrets EC2 --> CloudWatch RDS --> S3_Backup EC2 --> Google EC2 --> Facebook EC2 --> Stripe EC2 --> WebPush

Service	Purpose	Configuration
Route 53	DNS management	A record → CloudFront
CloudFront	CDN + SSL/TLS	ACM certificate, S3 + EC2 origins
S3	Static hosting	React build files
EC2	Application server	t3.small, Docker container
RDS	Database	db.t3.micro, automated backups
Secrets Manager	Credentials	DB passwords, API keys

↑ Back to Table of Contents

🚀 9. CI/CD Pipeline & Automation

End-to-end automation for build, test, deploy, and operations

🔄 Deployment Pipeline

graph LR subgraph Dev["👨‍💻 Development"] Code[Code Changes] Git[Git Push] end subgraph CI["🔄 CI"] Build[Build] Test[Test] Lint[Lint] end subgraph CD["🚀 CD"] Docker[Docker Build] Deploy[Deploy] end subgraph Prod["☁️ Production"] Frontend[S3 + CloudFront] Backend[Docker Container] DB[(MariaDB)] end subgraph Ops["📊 Operations"] Health[Health Checks] Backup[DB Backups] Alerts[Slack Alerts] end Code --> Git Git --> Build Build --> Test Test --> Lint Lint --> Docker Docker --> Deploy Deploy --> Frontend Deploy --> Backend Backend --> DB Frontend --> Health Backend --> Health DB --> Backup Health --> Alerts

Script	Purpose	Schedule
`deploy-frontend.sh`	npm build → S3 upload → CloudFront invalidation	On push
`deploy-backend.sh`	Maven build → Docker → EC2 restart → Health check	On push
`db-backup.sh`	mysqldump → gzip → S3 upload → Cleanup old	Daily 2 AM
`health-check.sh`	API endpoint monitoring → Slack alerts	Every 5 min
`ssl-renew.sh`	Check/renew SSL certificates	Weekly
`log-rotate.sh`	Archive and compress old logs	Daily

💻 Frontend Deployment Script

#!/bin/bash
# deploy-frontend.sh

set -e

S3_BUCKET="taskmanager-frontend-prod"
CLOUDFRONT_DIST_ID="E1234567890ABC"

# Build React app
npm ci
npm run build

# Upload to S3 with cache headers
aws s3 sync ./build s3://$S3_BUCKET --delete \
    --cache-control "max-age=31536000"

# Upload index.html with no-cache
aws s3 cp ./build/index.html s3://$S3_BUCKET/index.html \
    --cache-control "no-cache"

# Invalidate CloudFront cache
aws cloudfront create-invalidation \
    --distribution-id $CLOUDFRONT_DIST_ID \
    --paths "/*"

echo "✅ Frontend deployed!"

💾 Database Backup Script

#!/bin/bash
# db-backup.sh - Runs daily at 2 AM via cron

set -e

DB_HOST="taskmanager-db.xxxxx.rds.amazonaws.com"
S3_BUCKET="taskmanager-backups"
DATE=$(date +%Y%m%d_%H%M%S)
BACKUP_FILE="backup_$DATE.sql.gz"

# Dump database and compress
mysqldump -h $DB_HOST -u admin \
    --single-transaction \
    --routines \
    taskmanager | gzip > /tmp/$BACKUP_FILE

# Upload to S3
aws s3 cp /tmp/$BACKUP_FILE s3://$S3_BUCKET/daily/

# Cleanup backups older than 30 days
aws s3 ls s3://$S3_BUCKET/daily/ | while read line; do
    file_date=$(echo $line | awk '{print $1}')
    if [[ $(date -d "$file_date" +%s) -lt $(date -d "30 days ago" +%s) ]]; then
        aws s3 rm s3://$S3_BUCKET/daily/$(echo $line | awk '{print $4}')
    fi
done

# Cleanup local file
rm -f /tmp/$BACKUP_FILE

echo "✅ Backup complete: $BACKUP_FILE"

↑ Back to Table of Contents