[Question] Work and effort prioritization

[malparty]

Could you share more about how you split the work and organize the development?

Besides, what were the drivers for deciding to implement manually the authentication (rather than using existing libs)? (the first PR does not give much information about it)

[wildan3105]

Flow:

1. Problem Definition and Requirements:

   • Identified the problem and outlined both functional and non-functional requirements.
   • Made decisions regarding technological choices for the project.

2. Backend Development:

• Created the project skeleton and initial functionalities.
• Developed essential backend components such as user registration, authentication, and health check functionalities.

3. Core Functionality Implementation: CSV Upload

   • Implemented CSV upload functionality, including validation and parsing.
   • Established a pub/sub mechanism to handle keyword uploads and scraping.

4. Google Scraping Integration:

   • Extended functionality to include scraping Google search results.
   • Implemented a worker to compress HTML code and store relevant information in the database.

5. Frontend Setup:

   • Set up initial frontend functionalities mirroring backend features.
   • Included user sign-up, sign-in, CSV upload, and keyword management.

6. Integration, Testing, and Deployment:

   • Integrated frontend and backend components.
   • Created several tests to cover some areas of the application.
   • Deployed the application to verify functionality in a live environment.

Authentication Flow:

1. Users sign in with their chosen password during the sign-up process.
2. Password verification is performed against the encrypted password stored in the database.
3. Upon successful verification, a token is generated using a specified secret key and algorithm, containing user ID and email for future processes.
4. The token is provided in the login response for secure API calls.

Reasoning Behind Manual Authentication Implementation:

• Simplicity and Security: Control over the signature algorithm and token validity duration during sign-in ensures simplicity and security.
• Flexibility: The ability to include additional information in the token, such as user ID and email, provides flexibility for frontend usage.
• Reduced Dependency: Implementing authentication manually reduces dependency on external libraries

Let me know if you need more clarification!

[malparty]

Thanks, that's clear enough :)