A proxy server that acts as an Efiling Service Provider, connecting guided interviews to Efiling Managers on Tyler Technologies' implementation of ECF 4.0
A bit of a large refactor that involved 3 important fixes:
The biggest change: not persisting Database connection objects for the whole life of the app, and instead using a pool of database connections. Persistent single connections are not really scalable, and given we haven't done much load testing, would have failed (or corrupted data / not been thread safe) under higher loads.
Partially addressed server-side request forgery vulnerabilities that could be happening when accepting arbitrary URLs from docassemble servers. An allow list would be nice, but I can't think of a way to do that without hardcoding a list of servers (or env variable of list of servers), which will make things more difficult to interoperate / handle more traffic.
The API keys used to access the server were being stored in plaintext. They weren't being retrieved or saved in memory at all, but were still in the database directly. Changed these keys to be hashed, and to hash the incoming keys to make sure they match. In order to make this change, I did have to set up a way to upgrade the database schema in place, which will be very helpful for future feature updates (being able to add columns to databases running in production automatically on startup, etc.)
Details and links to more resources I used to write these are in each individual commit.
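The third fix described above (hashing stored API keys and upgrading the schema in place on startup), sketched as an added example; it is not code from this pull request or the project. It assumes SQLite, a hypothetical `servers` table with an `api_key` column, and unsalted SHA-256 over high-entropy keys, none of which the description specifies.

```python
import hashlib
import hmac
import secrets
import sqlite3

def hash_key(api_key: str) -> str:
    # API keys here are long random tokens, so one SHA-256 pass is used;
    # low-entropy secrets such as passwords would need a slow, salted KDF.
    return hashlib.sha256(api_key.encode("utf-8")).hexdigest()

def upgrade_schema(conn: sqlite3.Connection) -> int:
    """Upgrade the database in place; safe to call on every startup."""
    version = conn.execute("PRAGMA user_version").fetchone()[0]
    if version < 2:  # v1 stored plaintext api_key, v2 stores api_key_hash
        with conn:  # commits on success, rolls back if any step raises
            conn.execute("BEGIN")
            conn.execute("ALTER TABLE servers ADD COLUMN api_key_hash TEXT")
            rows = conn.execute(
                "SELECT id, api_key FROM servers WHERE api_key IS NOT NULL"
            ).fetchall()
            for row_id, key in rows:
                conn.execute(
                    "UPDATE servers SET api_key_hash = ?, api_key = NULL WHERE id = ?",
                    (hash_key(key), row_id),
                )
            conn.execute("PRAGMA user_version = 2")
    return conn.execute("PRAGMA user_version").fetchone()[0]

def key_is_valid(conn: sqlite3.Connection, server_id: int, presented: str) -> bool:
    row = conn.execute(
        "SELECT api_key_hash FROM servers WHERE id = ?", (server_id,)
    ).fetchone()
    stored = row[0] if row and row[0] else ""
    # Hash the incoming key and compare digests in constant time.
    return hmac.compare_digest(stored, hash_key(presented))

def demo():
    conn = sqlite3.connect(":memory:")  # constructed v1 database
    conn.execute("CREATE TABLE servers (id INTEGER PRIMARY KEY, name TEXT, api_key TEXT)")
    key = secrets.token_urlsafe(32)
    conn.execute("INSERT INTO servers (name, api_key) VALUES ('constructed', ?)", (key,))
    conn.commit()
    versions = (upgrade_schema(conn), upgrade_schema(conn))  # second call is a no-op
    left = conn.execute("SELECT api_key FROM servers").fetchone()[0]
    return versions, left, key_is_valid(conn, 1, key), key_is_valid(conn, 1, key + "x")

if __name__ == "__main__":
    print(demo())
```

Setting the old column to NULL stops the application from reading plaintext keys, but copies in backups or free database pages are outside what this migration touches.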