Skip to main content

System Architecture

High-Level Architecture

Component Interactions

User Authentication Flow

Booking Creation Flow

Data Flow: Service Listing with i18n

Database Schema Overview

Entity Relationship Diagram

Key Table Relationships

User & Authentication
  • User: Core user account
  • Session: Active user sessions (1:N)
  • Account: OAuth accounts (1:N)
  • Verification: Email verification tokens
Booking System
  • Booking: Main booking record
  • BookingPet: Junction table (Booking N:N Pet)
  • BookingService: Junction table (Booking N:N Service) with pricing
  • Staff: Assigned staff member (optional)
Multi-Language Support
  • Service.name: JSONB {"en": "Grooming", "vi": "Chăm sóc lông"}
  • Service.description: JSONB with translations
  • Staff position, specialization: JSONB fields
  • Setting value: JSONB for multi-language configs

API Design Patterns

Standard Response Format

HTTP Status Codes

Resource Pagination

Authentication & Authorization

Better Auth Integration

  • Session-based authentication
  • JWT tokens for API access
  • Refresh token rotation
  • CSRF protection on state-changing operations
  • Rate limiting on auth endpoints

Role-Based Access Control (RBAC)

Deployment Architecture

Development Environment

Production Environment

Security Architecture

Network Security

  • HTTPS/TLS 1.3+ for all communications
  • CORS configured for specific origins
  • Rate limiting per IP/endpoint
  • DDoS protection via CDN

Data Security

  • Passwords hashed with bcrypt
  • Sessions encrypted
  • Sensitive data excluded from logs
  • SQL injection prevention via ORM
  • XSS prevention via React escaping

Authentication Security

  • Secure cookie flags (HttpOnly, Secure)
  • CSRF tokens on state-changing operations
  • Session timeout with warnings
  • Account lockout after failed attempts
  • Email verification for sign-up

Scalability Considerations

Current Architecture

  • Monolithic backend suitable for < 1000 bookings/day
  • Single database instance with replication
  • Static asset CDN for frontend

Future Scaling

  1. Horizontal Scaling: Multiple backend instances behind load balancer
  2. Database: Query optimization, read replicas, eventual sharding
  3. Caching: Redis for sessions and frequent queries
  4. Message Queue: Async booking notifications and processing
  5. Microservices: Separate booking, payment, notification services

Installation Guide

Set up development environment

API Reference

Explore REST endpoints

Deployment Guide

Deploy to production

Back to Home

Return to homepage