16 KiB
16 KiB
SYSTEM_ARCHITECTURE.md — Full System Architecture
Layer Architecture
┌────────────────────────────────────────────────────────────────────┐
│ UI LAYER (Flutter Widgets) │
│ │
│ siro_rider: │
│ Routes: /, /shareApp, /wallet, /profile, /contactSupport │
│ Screens: SplashScreen, LoginPage, MapPagePassenger, Wallet, etc. │
│ │
│ siro_driver: │
│ Routes: /, /OrderRequestPage, /passenger-location-map │
│ Screens: SplashScreen, LoginPage, PassengerLocationMapPage, etc. │
│ │
│ siro_admin: │
│ Routes: /login, /admin/dashboard, /admin/captain, /admin/rides │
│ │
│ siro_service: │
│ Service agent app for driver registration & management │
└──────────────────────┬─────────────────────────────────────────────┘
│ GetX (Get.find, Get.put, Obx)
┌──────────────────────┴─────────────────────────────────────────────┐
│ STATE LAYER (GetX Controllers) │
│ │
│ Controllers are registered in: AppBindings (permanent) │
│ │
│ Rider: │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ MapEngineController → Map rendering, camera, markers │ │
│ │ MapSocketController → WebSocket lifecycle management │ │
│ │ RideLifecycleController → Ride state machine (RideState enum)│ │
│ │ LocationSearchController → Place search & autocomplete │ │
│ │ NearbyDriversController → Nearby driver list management │ │
│ │ UiInteractionsController → Bottom sheets, dialogs │ │
│ │ LoginController → Auth & JWT management │ │
│ │ PaymentController → Payment processing │ │
│ │ SplashScreenController → App init & auth check │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ │
│ Driver: │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ HomeCaptainController → Online/offline, ride management │ │
│ │ MapSocketController → WebSocket ride offers │ │
│ │ NavigationController → Turn-by-turn navigation │ │
│ │ BackgroundServiceHelper → Android foreground service │ │
│ │ LocationController → GPS tracking │ │
│ └─────────────────────────────────────────────────────────────┘ │
└──────────────────────┬─────────────────────────────────────────────┘
│ Dependency Injection via GetX
┌──────────────────────┴─────────────────────────────────────────────┐
│ REPOSITORY LAYER (CRUD + Services) │
│ │
│ CRUD class (siro_rider/lib/controller/functions/crud.dart) │
│ - post() → Main API POST with JWT + Device-FP headers │
│ - get() → API GET (POST method) with retry logic │
│ - postWallet() → Payment server POST with JWT + HMAC + FP │
│ - getWallet() → Payment server GET with JWT + HMAC + FP │
│ - sendWhatsAppAuth() → WhatsApp OTP delivery │
│ - getAgoraToken() → Agora voice/video call tokens │
│ - getLlama() → Llama AI data extraction │
│ - getChatGPT() → OpenAI GPT data extraction │
│ - arabicTextExtractByVisionAndAI() → Azure OCR │
│ - getGoogleApi() → Google Maps API wrapper │
│ - getHereMap() → Here Maps API wrapper │
│ - getMapSaas()/postMapSaas() → Custom map service │
│ - sendVerificationRequest() → Twilio verification │
│ - postPayMob() → PayMob payment gateway │
│ │
│ NetGuard (network/connection_check.dart) → Internet monitoring │
└──────────────────────┬─────────────────────────────────────────────┘
│ HTTP Calls
┌──────────────────────┴─────────────────────────────────────────────┐
│ SERVICE LAYER (PHP Backend) │
│ │
│ Main API: api.intaleq.xyz/intaleq_v3 │
│ Ride API: rides.intaleq.xyz/intaleq │
│ Location API: location.intaleq.xyz/intaleq/ride/location │
│ Payment API: walletintaleq.intaleq.xyz/v2/main │
│ Map SaaS: map-saas.intaleqapp.com/api │
│ OSRM Route: routec.intaleq.xyz / routesy.intaleq.xyz │
└──────────────────────┬─────────────────────────────────────────────┘
│ MySQL + WebSocket
┌──────────────────────┴─────────────────────────────────────────────┐
│ DATA LAYER (MySQL Databases) │
│ │
│ Database: intaleqDB1 (primary) │
│ Database: intaleq-ridesDB (ride-specific) │
│ Tables: 60+ tables covering users, rides, payments, etc. │
└─────────────────────────────────────────────────────────────────────┘
Dependency Graph
Rider App (siro_rider) ───→ Main API ─────→ intaleqDB1
├──→ Map SaaS ───────→ Custom Map Service
├──→ OSRM ───────────→ OpenStreetMap
├──→ Payment API ────→ Wallet DB
├──→ Firebase ───────→ FCM
├──→ WebSocket ──────→ Ride Socket Server
└──→ Google Maps ────→ Google APIs
Driver App (siro_driver) ───→ Main API ─────→ intaleqDB1
├──→ Location API ───→ car_locations
├──→ Payment API ────→ Wallet DB
├──→ WebSocket ──────→ Driver Socket Server
├──→ Firebase ───────→ FCM
└──→ Google Maps ────→ Google APIs
Admin App (siro_admin) ────→ Main API ─────→ intaleqDB1
├──→ Payment API
├──→ Firebase
└──→ Internal Services
Socket Server (socket_intaleq) ──→ MySQL
├──→ driver_socket.php ──→ Driver Socket.IO
└──→ passenger_socket.php ──→ Passenger Socket.IO
Ride Server (rides.intaleq.xyz) ──→ MySQL (intaleq-ridesDB)
Location Server (location.intaleq.xyz) ──→ MySQL (car_locations)
Payment Server (walletintaleq.intaleq.xyz) ──→ Wallet MySQL
External Services
| Service | Integration Point | Auth Method | Purpose |
|---|---|---|---|
| Google Maps | https://maps.googleapis.com/maps/api/ |
API Key | Map rendering, geocoding |
| Here Maps | https://autosuggest.search.hereapi.com/v1/autosuggest |
API Key | Place autocomplete |
| Map SaaS | https://map-saas.intaleqapp.com/api/ |
x-api-key | Custom routing, geocoding |
| OSRM Server | https://routec.intaleq.xyz/route |
None | OpenStreetMap routing |
| Firebase | Firebase SDK | google-services.json | FCM, Analytics, Crashlytics |
| PayMob | PayMob SDK | API Key + HMAC | Payment gateway (Visa/Mastercard) |
| Twilio | Twilio Verify API | Account SID + Auth Token | SMS OTP verification |
| WhatsApp Cloud | Graph API | OAuth Token | WhatsApp OTP delivery |
| Azure OCR | https://ocrhamza.cognitiveservices.azure.com/ |
Subscription Key | Document text extraction |
| OpenAI | OpenAI API | API Key | Document data extraction (GPT-3.5) |
| Llama AI | Llama API | Bearer Token | Document data extraction |
| Agora | Agora SDK | App Certificate | Voice/video calls |
| SMS Kazumi | https://sms.kazumi.me/api/ |
API Key | SMS provider (Egypt) |
Security Architecture
Authentication
| Mechanism | Implementation |
|---|---|
| JWT | Custom JWT tokens issued at login, validated on each request |
| Fingerprint | Device fingerprint hashed with SHA-256, stored in JWT payload |
| HMAC | HMAC authentication for payment server requests |
| Bearer Tokens | Standard Bearer token in Authorization header |
| Social Auth | Google Sign-In, Apple Sign-In |
Authorization
- Role-based: Passenger, Driver, Admin, Service Agent
- Device Binding: X-Device-FP header verified against JWT fingerprint claim
- Wallet Auth: Separate JWT + HMAC for payment operations
Token Handling
| Token | Storage | Expiry | Refresh |
|---|---|---|---|
| JWT (main) | GetStorage | 1 hour (default) | getJWT() auto-refresh on 401 |
| JWT (wallet) | GetStorage | 1 hour | getJwtWallet() auto-refresh |
| FCM Token | GetStorage + DB | Firebase-managed | On app start |
| Refresh Token | FlutterSecureStorage | Long-lived | On login |
Encryption
- AES-256-CBC: Custom encrypt/decrypt for sensitive data
- SHA-256: Device fingerprint hashing
- Base64: Basic auth credentials encoding
- SSL/TLS: All API calls over HTTPS
Secure Storage
| Data | Storage Method |
|---|---|
| JWT tokens | GetStorage (encrypted box) |
| Refresh tokens | FlutterSecureStorage (Keychain/Keystore) |
| Fingerprint | GetStorage (encrypted) |
| HMAC keys | GetStorage (encrypted) |
Session Management
- Auto-logout on token expiry (401 response)
- Fingerprint migration tools in admin panel
- Login attempt rate limiting (
login_attemptstable)
Caching Strategy
| Cache Type | Implementation | Data Cached |
|---|---|---|
| GetStorage (Local) | Key-value store in app sandbox | JWT, user ID, preferences, ride state |
| FlutterSecureStorage | OS-level encrypted storage | Refresh tokens, sensitive data |
| SQLite (DbSql) | Local SQLite database | Offline maps, ride history |
| Memory Cache | GetX controller state | Active ride data, driver list, map markers |
| Server Cache | MySQL + Query Cache | Driver locations (car_locations), places |
| In-Memory (NetGuard) | Singleton notification state | Network error debouncing |
WebSocket Architecture
┌──────────────┐ ┌──────────────────┐ ┌──────────────┐
│ Rider App │◄───────►│ Passenger Socket │◄───────►│ MySQL DB │
│ │ │ (PHP) │ │ │
└──────────────┘ └──────────────────┘ └──────────────┘
│
│ (Internal IPC)
│
┌──────────────┐ ┌──────────────────┐ ┌──────────────┐
│ Driver App │◄───────►│ Driver Socket │◄───────►│ MySQL DB │
│ │ │ (PHP) │ │ │
└──────────────┘ └──────────────────┘ └──────────────┘
Socket Events:
driver_location_update— Real-time driver GPS to passengerride_accepted— Driver accepted notificationride_cancelled— Ride cancellation eventride_finished— Ride completion eventpassenger_location— Passenger location (for driver)driver_online/driver_offline— Online status changes
Admin Module Structure
| Module | Controller | Views |
|---|---|---|
| Dashboard | DashboardController, DashboardV2Controller |
admin_home_page.dart |
| Captain Management | CaptainAdminController |
captain.dart, captain_details.dart |
| Passenger Management | PassengerAdminController |
passenger.dart, passenger_details_page.dart |
| Ride Management | RideAdminController, RideLookupController |
rides.dart, ride_lookup_page.dart |
| Financial | FinancialV2Controller |
financial_v2_page.dart |
| Analytics | AnalyticsV2Controller, StaticController |
advanced_analytics_page.dart |
| Complaints | ComplaintController |
complaint_list_page.dart |
| Pricing/Kazan | KazanController |
kazan_editor_page.dart |
| Promotions | PromoController |
promo_management_page.dart |
| Wallet | WalletAdminController |
wallet.dart |
| Driver Docs | DriverDocsController |
driver_documents_review_page.dart |
| Security | SecurityV2Controller |
audit_logs_page.dart |
| Quality | QualityController |
blacklist_page.dart, driver_scorecard_page.dart |
| Staff | StaffController |
add_staff_page.dart, pending_admins_page.dart |
| Server Monitor | ServerMonitorController |
monitor_server_page.dart |
| Invoices | GetAllInvoiceController |
invoice_list_page.dart |