Backend Architecture

Backend Architecture Document

Project: ~~{{PROJECT_NAME}}~~Drop Version: ~~{{VERSION}}~~0.1.0 Date: ~~{{DATE}}~~2026-02-23 Author: ~~{{AUTHOR}}~~Platform Architect (AI) Status: ~~Draft |~~ In Review ~~| Approved~~ Reviewers: ~~{{REVIEWERS}}~~Alem Bašić (CEO)

Document History

Version	Date	Author	Changes
0.1	~~{{DATE}}~~2026-02-23	~~{{AUTHOR}}~~Platform Architect (AI)	Initial draft from source code analysis

1. Architecture Pattern

Pattern: {{Modular Monolith |— MicroservicesNext.js |App MonolithRouter |with Event-Drivenco-located Microservices}}API routes

Pattern Considered	Pros	Cons	Decision
Monolith (Next.js all-in-one)	Simple deploy, ~~low~~single codebase, lowest latency	Scaling bottleneck, ~~team~~frontend/backend ~~coupling~~coupled	`{{Selected/Rejected}}`Selected
Modular Monolith	~~Organized,~~Module isolation within single ~~deploy, module isolation~~deploy	~~Shared~~Extra DBabstraction ~~risk~~overhead for small team	`{{Selected/Rejected}}`Partially adopted (lib/ modules)
Microservices	Independent ~~scaling,~~scaling ~~team~~per ~~autonomy~~service	Operational ~~complexity~~complexity, too expensive for MVP	`{{Selected/Rejected}}`Rejected

Rationale:

Drop
~~TODO:~~is ~~3-5~~a ~~sentences~~two-person ~~explaining~~MVP (Alem + AI). The Next.js App Router pattern co-locates API routes (app/api/) with the ~~decision~~frontend, ~~considering~~enabling ~~team~~full-stack ~~size,~~development ~~scale~~in ~~requirements,~~a ~~and~~single ~~operational~~TypeScript ~~maturity.~~codebase with zero additional runtime complexity. The src/lib/ directory provides module isolation (db, middleware, services, features) without microservice overhead. App Runner handles scaling concerns at the infrastructure level.

Pass-Through Model (Critical Architecture Constraint): Drop NEVER holds customer money. All payments are pass-through via PSD2:

AISP (Account Information): reads bank balance from user's real bank account

PISP (Payment Initiation): initiates transfers directly from user's bank account

bank_accounts.balance = last AISP-read value from external bank (cached for UI display, NOT a Drop-held balance)

2. Technology Stack

Layer	Technology	Version	Notes
Runtime	`{{Node.js}}`js	`{{20.x22 LTS}}`(Alpine)	LTS, Dockerfile base image
Framework	`{{NestJSNext.js /(App Express / Fastify / Hono}}`Router)	`{{10.x}}`16.1.6	Standalone output for Docker
Frontend	React	19.2.3
~~ORM~~Language	`{{Prisma / TypeORM / Drizzle}}`TypeScript	`{{5.x}}`^5	Strict mode
~~Primary~~Database DB(production)	PostgreSQL (via `pg`)	16 (RDS)	`{{PostgreSQL}}`	`{{16.x}}`	~~Managed:~~ `{{RDS / Supabase}}^8.18.0`
~~Cache~~Database (MVP/staging)	SQLite (via `{{Redis}}better-sqlite3`)	`{{7.x}}`^12.6.2	~~Managed:~~Auto-detected when no `{{ElastiCache / Upstash}}DATABASE_URL`
~~Queue~~	`{{BullMQ / SQS / RabbitMQ}}`	`{{5.x}}`
~~Search~~	`{{Elasticsearch / MeiliSearch / Typesense}}`	`{{8.x}}`	~~Optional~~
~~File storage~~	`{{AWS S3 / Cloudflare R2}}`	~~API~~
Auth	`{{Custom JWT /(via Auth0 / Supabase Auth}}jose)`	^6.1.3	HS256, httpOnly cookie
Password hashing	bcryptjs	^3.0.3	Legacy — BankID replaces email/password
Identity (eID)	BankID OIDC	Norwegian eID	Mandatory for all users
KYC	Sumsub WebSDK + API	Production-ready	Only connected external service
Open Banking	TBD (Swan deprecated)	—	AISP/PISP provider selection pending
Styling	Tailwind CSS	^4
~~Logging~~UI Components	`{{PinoRadix / Winston}}`UI	`{{8.x}}`^1.4.3	→Accessible, `{{Datadogunstyled / Loki}}`primitives
~~APM~~Icons	`{{DatadogLucide / Sentry / Elastic APM}}`React	^0.563.0
~~API docs~~Theme	`{{Swagger / OpenAPI 3.1}}`next-themes	`{{3.1}}`^0.4.6	Dark/light mode
Toasts	Sonner	^2.0.7
Testing (unit)	Vitest	^4.0.18
Testing (E2E)	Playwright	^1.58.2
Linting	ESLint	^9

3. ProjectApplication Structure

src/drop-app/
├── modules/                # Feature modules (NestJS) / route handlers (Express)src/
│   ├── users/app/                    # Next.js App Router
│   │   ├── users.module.tsapi/                │# │API ├──route users.controller.tshandlers │(REST │   ├── users.service.ts
│   │   ├── users.repository.ts
│   │   ├── dto/endpoints)
│   │   │   ├── create-user.dto.tsauth/           # BankID OIDC + session management
│   │   │   │   ├── bankid/     # initiate + callback endpoints
│   │   │   │   ├── me/         # current user + bank accounts
│   │   │   │   ├── logout/     # session revocation
│   │   │   │   └── update-user.dto.tsrefresh/    # token refresh
│   │   │   ├── transactions/   # remittance, qr-payment, history, disclosure, receipt
│   │   │   ├── recipients/     # recipient CRUD
│   │   │   ├── rates/          # exchange rates (public)
│   │   │   ├── merchants/      # merchant registration + dashboard
│   │   │   ├── notifications/  # push notification management
│   │   │   ├── settings/       # user preferences
│   │   │   ├── consents/       # GDPR consent management
│   │   │   ├── complaints/     # Finansavtaleloven §3-53 complaints
│   │   │   ├── cards/          # [FUTURE] feature-flagged card management
│   │   │   ├── user/           # GDPR data export + account deletion
│   │   │   └── entities/health/         # health check endpoint
│   │   └── user.entity.(frontend pages)    # Next.js pages
│   └── lib/                    # Shared application library
│       ├── db.ts               # Database abstraction (PostgreSQL + SQLite)
│       ├── middleware.ts        # Auth, rate limiting, CSRF, session revocation
│       ├── middleware/          # Modular middleware library
│       │   ├── auth-middleware.ts  # Bearer token auth (mobile)
│       │   ├── error-handler.ts   # AppError class + error response formatting
│       │   └── validation.ts      # Input validation functions
│       ├── alerts.ts           # Slack alerting + error spike detection
│       ├── secrets.ts          # Pluggable secrets provider (env / Doppler / AWS SM)
│       ├── feature-flags.ts    # Environment-variable-based feature flags
│       ├── features.ts         # Feature tracking system (dev tool)
│       └── services/           # External service integrations
│           ├── index.ts        # Service initialization
│           ├── mock-sumsub.ts  # Sumsub KYC (production-ready)
│           ├── mock-swan.ts    # Swan Open Banking (DEPRECATED)
│           └── mock-stripe.ts  # Stripe Issuing (mock only, FUTURE)
├── tests/                      # Test suite
│   ├── setup.ts                # Vitest setup (NODE_ENV=test, in-memory DB)
│   ├── *.test.ts               # Unit + integration tests
│   └── e2e/                    # Playwright E2E tests
│       ├── user-flows.spec.ts
│       ├── auth/
│   ├── notifications/
│   └── {{FEATURE}}/
├── common/
│   ├── decorators/         # Custom decorators
│   ├── filters/            # Exception filters
│   ├── guards/             # Auth / role guards
│   ├── interceptors/       # Logging, transform interceptors
│   ├── pipes/              # Validation pipes
│   └── middleware/         # Request middleware
├── database/
│   ├── migrations/
│   └── seeds/
├── config/
│   ├── app.config.ts
│   ├── database.config.full-flows.spec.ts
│       └── redis.config.input-chaos.spec.ts
└── scripts/
    ├── jobs/backup.sh               # BackgroundSQLite jobbackup definitionsscript
    └── main.tsqa-report.js            # ApplicationQA entrymetrics point

test/
├── unit/
├── integration/
└── e2e/generator

4. RequestDatabase Processing PipelineLayer

4.1

Dual-Database Architecture

Drop auto-detects the database driver at startup:

sequenceDiagramDATABASE_URL ~~participant~~set ~~Client~~→ ~~participant~~PostgreSQL ~~Gateway~~(pg asdriver)

~~API~~

DATABASE_URL ~~Gateway~~not /set LB→ ~~participant~~SQLite ~~Middleware~~(better-sqlite3)

~~Middleware~~

Source: ~~Stack~~src/lib/db.ts

~~participant~~

4.2 Guard as Guards participant Pipe as Validation Pipe participant Controller participant Service participant Repository participant DB asKey Database Client->>Gateway: HTTP Request Gateway->>Middleware: Forward (with tracing headers) Middleware->>Middleware: Request ID, CORS, Security Headers, Rate Limit Middleware->>Guard: Authenticated request Guard->>Guard: JWT verification, Role check Guard->>Pipe: Authorized request Pipe->>Pipe: Schema validation (Zod/class-validator) Pipe->>Controller: Validated DTO Controller->>Service: Business method call Service->>Repository: Data access call Repository->>DB: Query DB-->>Repository: Result Repository-->>Service: Domain entity Service-->>Controller: Response data Controller-->>Client: HTTP Response (transformed)

5. Middleware Stack Configuration

~~Execution order (applied left-to-right):~~

Tables :BankID = : ,

~~Order~~	~~Middleware~~Table	Purpose	~~Global?~~Notes
1`users`	User accounts, KYC status, BankID linkage	`helmetkyc_status`	~~Security~~pending/approved/rejected; ~~headers~~`national_id_hash`: ~~(CSP,~~SHA-256 ~~HSTS,~~of ~~etc.)~~	~~Yes~~pid
2	`corssessions`	~~CORS~~JWT ~~policy~~session ~~enforcement~~tracking + revocation	~~Yes~~SHA-256 hash of JWT, `revoked` flag
3`bank_accounts`	Linked bank accounts (AISP data)	`request-id`	~~Inject~~ `X-Request-IDbalance` ~~header~~	~~Yes~~last AISP read (NOT Drop-held funds)
4`transactions`	All payments (remittance + QR)	`compressiontype`	~~gzip~~remittance/qr_payment; ~~response~~`status`: ~~compression~~	~~Yes~~processing/completed/failed
5	`body-parserrecipients`	~~Parse~~Saved ~~JSON/urlencoded~~international ~~bodies~~recipients	~~Yes~~Bank account masked in API responses
6`merchants`	Merchant profiles, QR data	`rate-limiterorg_number` unique (9 digits, Norwegian)
`notifications`	User notifications	Feature-flagged
`rate_limits`	IP-based rate limiting (~~Redis)~~persistent)	~~Yes~~`key`: IP address, window-based counter
7`audit_log`	Security + compliance audit trail	`request-loggeraction`	~~Structured~~`resource_type`, ~~request~~`resource_id`, ~~logging~~	~~Yes~~`details`
8`aml_alerts`	~~Route-specific~~AML/financial ~~middleware~~crime alerts	~~Auth,~~`status`: ~~validation per route~~	Noopen/closed/filed

~~Security headers configured via Helmet:~~

app.use(helmet({
  contentSecurityPolicy: { /* ... */ },
  hsts: { maxAge: 31536000, includeSubDomains: true, preload: true },
  referrerPolicy: { policy: 'same-origin' },
}));

6. Authentication & Authorization Flow

flowchart TD
    Login["POST /auth/login\n{email, password}"] --> ValidateCreds["Validate credentials\n(bcrypt compare)"]
    ValidateCreds -->|Invalid| Reject["401 Unauthorized"]
    ValidateCreds -->|Valid| IssuePair["Issue token pair\naccess (15m) + refresh (30d)"]
    IssuePair --> StoreRefresh["Store refresh token\n(hashed, Redis or DB)"]
    IssuePair --> ReturnTokens["Return tokens to client"]

    AuthReq["Authenticated Request"] --> ExtractJWT["Extract Bearer token"]
    ExtractJWT --> VerifyJWT["Verify signature + expiry"]
    VerifyJWT -->|Invalid/Expired| RefreshFlow["POST /auth/refresh"]
    VerifyJWT -->|Valid| CheckRoles["Role/permission check"]
    CheckRoles -->|Unauthorized| Forbidden["403 Forbidden"]
    CheckRoles -->|Authorized| Handler["Route Handler"]

    RefreshFlow --> VerifyRefresh["Verify refresh token\n(hash match, not revoked)"]
    VerifyRefresh -->|Invalid| Logout["Force logout → 401"]
    VerifyRefresh -->|Valid| RotateToken["Rotate tokens\n(old token revoked)"]

~~RBAC / ABAC:~~

~~Roles:~~ {{admin | manager | user | viewer}}

~~Permissions:~~ {{resource:action}} ~~e.g.~~ users:delete

~~Role-permission mapping:~~ {{database table | config file | code}}

7. Database Access Patterns

~~Pattern:~~ {{Repository Pattern}}

// Repository interface — decouples business logic from storage
interface UserRepository {
  findById(id: string): Promise<User | null>;
  findByEmail(email: string): Promise<User | null>;
  findMany(filters: UserFilters): Promise<PaginatedResult<User>>;
  create(data: CreateUserData): Promise<User>;
  update(id: string, data: UpdateUserData): Promise<User>;
  delete(id: string): Promise<void>;
}

~~Query performance rules:~~

~~All queries accessing > 1000 rows must have paginator~~

~~All filterable fields must have DB indexes (document in migration)~~

~~N+1 queries forbidden — use~~ include~~/JOIN or~~ dataloader ~~pattern~~

~~Raw SQL allowed only when ORM cannot express the query efficiently~~

8. Caching Architecture

graph LR
    Request --> L1["L1: In-Memory\n(node-cache)"]
    L1 -->|Cache miss| L2["L2: Redis\n(shared, distributed)"]
    L2 -->|Cache miss| DB["Database"]

    DB --> L2
    L2 --> L1
    L1 --> Response

Transaction ~~(in-process)Map~~ all

~~Layer~~	`str_reports`	~~Technology~~	Suspicious	~~TTL~~	~~What's~~Reports ~~Cached~~	Filed with Finanstilsynet
L1`consents`	GDPR consent records	`node-cacheconsent_type`: /terms/privacy/marketing/cookies_analytics/cookies_marketing
`data_access_requests`	30GDPR ~~sec~~export/erasure requests	~~Config,~~`type`: export/erasure
`complaints`	User complaints (Finansavtaleloven §3-53)	15-business-day response SLA
`exchange_rates`	NOK → destination currency rates	Updated externally
`feature_flags`	Runtime feature flag overrides	Complement to env-var flags
~~L2 (distributed)~~`cards`	~~Redis~~[FUTURE] Virtual/physical cards	~~Per~~Feature-flagged, ~~resource~~	~~User~~flags ~~sessions,~~default ~~API responses~~
~~L3 (CDN edge)~~	~~Cloudflare / CloudFront~~	~~Per route~~	~~Public API responses~~false

~~Cache-aside~~

4.3 patternData Auto-Detection (L2):
db.ts)

async// functionAuto-detects getCachedUser(id:driver string):based Promise<User>on {DATABASE_URL env var
const cacheKeydriver = `user:${id}`process.env.DATABASE_URL ? 'pg' : 'sqlite';
  const cached = await redis.get(cacheKey);
  if (cached) return JSON.parse(cached);

  const user = await userRepository.findById(id);
  await redis.setex(cacheKey, 300, JSON.stringify(user)); // 5 min TTL
  return user;
}

5. Authentication Architecture

5.1 BankID OIDC Flow (Primary Auth)

~~Cache~~Auth ~~invalidation~~method: ~~strategy:~~Norwegian BankID — mandatory for all users. Email/password auth deprecated (returns 410 Gone).

Token: JWT (HS256), stored in drop_token httpOnly cookie (web) or Authorization Bearer header (mobile).

Token lifetime: 24h (web), 7d (mobile)

BankID Web Flow:

GET /api/auth/bankid → generate state + nonce, set bankid_state cookie, return redirect URL

User authenticates with BankID at provider

GET /api/auth/bankid/callback?code=&state= → verify state, exchange code for tokens, verify JWKS signature, parse pid, hash pid → SHA-256, find/create user, issue JWT cookie

User creation on first BankID login:

OnParse ~~update/delete:~~pid await(Norwegian redis.del(cacheKey)national ID, 11 digits) from ID token
~~Pattern-based:~~Hash pid with SHA-256 → awaitnational_id_hash ~~redis.del(~~column

KYC status automatically approved (BankID = verified identity)

Password set to sentinel 'user:*'EIDONLY' — no password login possible

Age verification: pid encodes date of birth — must be >= 18 years old.

5.2 Session Management

Login  → Create session record (SHA-256 of JWT) in sessions table
Request → requireAuth() checks: cookie present + JWT valid + session not revoked
Logout → revokeAllSessions(userId) — sets revoked=1 on all user sessions

5.3 CSRF Protection

Web: State parameter in BankID OIDC flow (httpOnly cookie)

API: Origin header validation in requireAuth() ~~(use~~against ~~sparingly~~allowed ~~— expensive)~~origins
~~Tag-based:~~Mobile: {{ioredis-tagN/A |(Bearer customtoken, tagging}}no cookies)

9.6. BackgroundMiddleware Job ProcessingStack

~~Library:~~ {{BullMQ | Agenda | pg-boss}} ~~Queue storage:~~ {{Redis | PostgreSQL}}

AppliedAllMerchant-onlyAuth

~~Queue~~Middleware	~~Job Types~~Function	~~Concurrency~~	~~Retry Policy~~To
`emailsrequireAuth()`	~~Welcome,~~CSRF ~~reset~~check ~~password,~~→ ~~notifications~~cookie extraction → JWT verify → user lookup → session revocation check	10	3protected ~~retries, exp. backoff~~routes
`uploadsrequireMerchant()`	~~Image~~`requireAuth()` ~~processing,~~+ ~~file~~role ~~conversion~~check (`role === 'merchant'`)	5	~~2 retries~~routes
`syncrateLimit(ip, limit)`	~~External~~Persistent ~~API~~IP-based ~~sync,~~counter ~~data~~via ~~aggregation~~`rate_limits` DB table, 60s window	3	5endpoints ~~retries~~(10/min), public rates (120/min)
`reportsgetClientIp()`	~~PDF~~Extract ~~generation,~~IP ~~exports~~from `x-forwarded-for`	2All rate-limited routes
`jsonError()`	1Standardized ~~retry~~JSON error response	All routes
`featureGate(flag)`	Returns 404 if feature flag disabled	Cards, spending limits, notifications
Input validation	`validateEmail`, `validatePhone`, `validateAmount`, `validateName`, `sanitizeText`, etc.	All mutation endpoints
Error handler	`AppError` class with predefined constructors	All routes via `createErrorResponse()`

7. API Design Principles

~~Job~~Consistent ~~schema:~~response envelope:


Success: interface{ EmailJob"data": { type: 'welcome' | 'password_reset' | 'notification';
  to: string;
  templateId: string;
  data: Record<string, unknown>;... } }

or { "data": [...], "pagination": { ... } }

Error: { "error": "code", "message": "...", "details": [...] }

~~Monitoring:~~No wallet model: Drop never holds funds. {{Bullbank_accounts.balance ~~Board~~is |AISP-read ~~BullMQ~~cache ~~Metrics~~only.
~~API}}~~

KYC gate: Remittance requires kyc_status === 'approved' — ~~admin~~enforced UIin atroute handler.

Atomic transactions: Balance deduction and transaction creation in a single DB transaction.

Data masking: Bank account numbers masked in responses ({{/admin/queues}}*****5678), card numbers PCI-masked.

GDPR by design: Data export, account deletion (soft delete), consent records all implemented.

Compliance-first: STR reports, AML alerts, audit log, complaint system (Finansavtaleloven §3-53), PITR retention (5 years per hvitvaskingsloven).

10.8. FileSecurity Storage & Media HandlingArchitecture

~~Storage provider:~~ {{AWS S3 | Cloudflare R2 | MinIO}} ~~Bucket naming:~~ {{company-project-env}} ~~(e.g.,~~ alai-app-production)

~~Upload flow:~~

~~Client requests pre-signed URL from API (~~POST /uploads/presigned)

~~API validates file type, size, generates pre-signed URL (expiry: 15 min)~~

~~Client uploads directly to storage (bypasses API server)~~

~~Client notifies API of upload completion (~~POST /uploads/confirm)

~~API validates file exists, creates database record, triggers processing job~~

~~File size limits:~~

~~Type~~Control	~~Max Size~~Implementation
~~Profile images~~Auth	5BankID MBOIDC (Norwegian eID) — mandatory
~~Documents~~Session tokens	25httpOnly, MBsecure, sameSite=strict JWT cookies
~~Videos~~Rate limiting	~~500~~Persistent MBDB-backed per-IP (10/min auth, 120/min public)
Input validation	Custom validators (no external dep) — email, phone, amount, IBAN, name (XSS-resistant)
SQL injection	Parameterized queries via `pg` / `better-sqlite3`
XSS	CSP headers (strict production — no unsafe-eval) + HTML sanitization in `sanitizeText()`
CSRF	Origin header validation + BankID state parameter
Secrets	AWS Secrets Manager / Fly.io secrets — never in code or .env
Error masking	`createErrorResponse()` masks internal errors in production
Password hashing	bcryptjs (legacy users)
Card data	PCI-masked (never expose full card number or CVV)
Audit trail	`audit_log` table — all sensitive actions logged
AML	`aml_alerts` + `str_reports` tables — compliance framework

11.9. LoggingExternal &Service ObservabilityIntegrations

~~Logger:~~ {{Pino}} ~~— structured JSON logs~~ ~~Log aggregation:~~ {{Datadog / Loki / CloudWatch}}

~~Log levels policy:~~

~~to use~~ ~~butorderdiagnostictracing~~

~~Level~~Service	~~When~~Status	Purpose
`error`Sumsub	~~Exceptions,~~PRODUCTION ~~failures~~(only ~~requiring~~connected ~~attention~~external service)	KYC/identity verification — WebSDK + webhook
`warn`BankID OIDC	~~Unexpected~~PRODUCTION	Norwegian ~~handled~~eID ~~situations~~authentication
`info`Open Banking (AISP/PISP)	~~Significant~~TBD ~~business~~— ~~events~~provider ~~(user~~selection ~~created,~~pending	Bank ~~placed)~~balance read + payment initiation
`debug`Swan Open Banking	~~Detailed~~DEPRECATED	Was ~~info~~planned, —no ~~dev/staging~~longer ~~only~~selected
`trace`Stripe Issuing	~~Verbose~~MOCK ~~request~~(future)	Card issuance — ~~never~~no inSDK, ~~production~~no API keys
Slack	PRODUCTION	Operational alerting via webhook
BetterStack	PRODUCTION	External uptime monitoring

~~Always~~

~~log:~~

~~Request:~~API ~~method, path, request ID, user ID (hashed), status code, duration~~Reference
~~Errors:~~Middleware ~~full stack trace, request context~~Design
~~Background~~Service ~~jobs:~~Design

~~job~~

External ~~ID,~~Services ~~queue,~~Integration

~~start/end,~~

Deployment ~~duration,~~Architecture

~~outcome~~

Authentication Source

~~Never log:~~

~~Passwords, tokens, API keys~~

~~Full request/response bodies with PII~~

~~Payment card data~~

12. Configuration Management

~~Pattern:~~ ~~Typed config module with validation on startup~~

// config/app.config.ts
const schema = z.object({
  NODE_ENV: z.enum(['development', 'staging', 'production']),
  PORT: z.coerce.number().default(4000),
  DATABASE_URL: z.string().url(),
  REDIS_URL: z.string().url(),
  JWT_SECRET: z.string().min(32),
  // ...
});

export const config = schema.parse(process.env);
// App fails FAST at startup if any required variable is missing/invalid

~~Secrets management:~~ {{HashiCorp Vault | AWS Secrets Manager | Doppler}} ~~NO secrets in environment files committed to git.~~

13. Health Check Endpoints

~~Endpoint~~	~~Type~~	~~Checks~~
`GET /health/live`	~~Liveness~~	~~Process is running~~
`GET /health/ready`	~~Readiness~~	~~DB connected, Redis connected, app ready~~
`GET /health/startup`	~~Startup~~	~~Migrations run, config valid~~

~~Readiness check response:~~

{
  "status": "ok",
  "checks": {
    "database": { "status": "ok", "latency": 3 },
    "redis": { "status": "ok", "latency": 1 },
    "queue": { "status": "ok", "pendingJobs": 12 }
  },
  "version": "1.2.3",
  "uptime": 3600
}

14. Architecture Diagram

graph TB
    subgraph "Clients"
        Web["Web App"]
        Mobile["Mobile App"]
    end

    subgraph "Infrastructure"
        LB["Load Balancer\n(Nginx / ALB)"]
        API["API Server\n({{FRAMEWORK}})"]
        Workers["Background Workers\n(BullMQ)"]
    end

    subgraph "Data"
        DB["PostgreSQL\n(Primary + Replicas)"]
        Cache["Redis\n(Cache + Queue)"]
        Storage["Object Storage\n(S3 / R2)"]
    end

    subgraph "Observability"
        Logs["Log Aggregation\n(Datadog / Loki)"]
        APM["APM / Tracing"]
    end

    Web --> LB
    Mobile --> LB
    LB --> API
    API --> DB
    API --> Cache
    API --> Storage
    API --> Cache
    Workers --> Cache
    Workers --> DB
    API --> Logs
    Workers --> Logs
    API --> APM

Approval

Alem

Role	Name	Date
Author	Platform Architect (AI)	2026-02-23
~~Backend Lead~~Reviewer
~~Tech Lead / Architect~~Approver
~~Security Reviewer~~	Bašić