System Design Document

1. Purpose and Overview

The Teamster web application is designed to manage promotional campaigns and simplify the workflow for Coinstore, a cryptocurrency exchange. The app serves three types of users: Admin, Community Managers (CM), and Teamsters (workers). Teamsters promote campaigns on social media, submit post links, and receive evaluations, while Admins and CMs manage and evaluate submissions. The application automates key processes like submission, validation, and performance evaluation, reducing manual effort and errors.

2. Functional Requirements

The application supports the following core functionalities:

• User Authentication & Authorization: Admin, CM, and Teamsters can log in, reset passwords, and modify personal details.
• Campaign Management: Admins can create and manage regular, campaign, and special promotions. Each promotion contains title, description, banner, and deadlines.
• Post Submissions: Teamsters submit social media post links based on promotional campaigns. They can submit up to two posts per day with 12-hour intervals.
• Automated Scraping: Admins can scrape likes, comments, and views of social media posts using built-in scraping tools.
• Evaluation: CMs evaluate Teamster submissions by marking posts as valid or invalid and assigning performance marks.
• Reporting & Payment: Admins can export Teamster performance data to Excel for payroll purposes.

3. Non-Functional Requirements

• Performance: The system must support up to 1,000 concurrent users, with a target response time under 500 ms for all major operations.
• Scalability: As the application follows a monolithic architecture, it supports vertical scaling to handle increased load.
• Security: The application must protect user data with strict input validation, bcrypt password hashing, and HTTPS encryption.

4. System Architecture

Teamster follows a monolithic architecture, with tightly integrated components for user management, promotions, submissions, and scraping. The system is hosted on a DigitalOcean Linux server with Caddy as the reverse proxy for load balancing and caching.

• Frontend: HTML, CSS (PicoCSS framework), and JavaScript.
• Backend: Written in Go, utilizing several packages for REST routing, middleware, job scheduling, and WebSockets.
• Database: PostgreSQL stores user, promotions, and submission data.
• Middleware: justinas/alice for middleware chain management.
• gorilla/websocket for real-time scraping updates.

5. Data Flow and Models

User Login & Access: Upon login, users are directed to dashboards based on their role (Admin, CM, or Teamster).

• Admin: Manages promotions, users, and scraping operations.
• CM: Views and evaluates Teamster posts.
• Teamster: Submits social media post links and tracks progress.

Data Submission & Scraping:

• Teamsters submit post links, which are stored in the promotions table.
• The scraping tool fetches post performance data (likes, comments, views) from social media platforms.
• Scraping data is logged and can be reviewed by CMs for evaluation.

Key Data Tables:

• users: Stores user information (credentials, roles).
• promotions: Tracks promotions/campaigns created by Admin.
• submissions: Stores post links and performance data from Teamsters.
• evaluations: Records CMs' validation marks for each post.

6. Technology Stack

• Backend: Go (with httprouter, gocron, gorilla/websocket)
• Frontend: HTML, CSS (PicoCSS), JavaScript.
• Database: PostgreSQL for relational data storage.
• Server & Proxy: DigitalOcean for hosting, Caddy for reverse proxying and load balancing.
• Security: HTTPS for encrypted communication, CSRF tokens, bcrypt for password hashing, and role-based access control (RBAC).

7. APIs and Endpoints

The system provides REST APIs for all operations:

• User Management API: Handles user login, password resets, and role-based access controls.
• Promotion Management API: Allows Admins to create, update, and manage promotions.
• Submission API: Used by Teamsters to submit post links.
• Scraping API: Admin uses API credentials to scrape post performance data (likes, comments, views) from social media platforms like Twitter.

8. Security Considerations

• Password Protection: Passwords are hashed with bcrypt to ensure secure storage.
• Session Security: Secure session management uses HttpOnly and SameSite cookies, with CSRF tokens to prevent cross-site attacks.
• Data Encryption: All data transmitted between the client and server is encrypted using TLS/SSL.
• Input Validation: Strict validation of all inputs, with protection against SQL injection, XSS, and CSRF.

9. Deployment and Scalability

• Hosting: The application is deployed on a DigitalOcean Linux server.
• Reverse Proxy: Caddy is used for handling load balancing, SSL/TLS, and caching.
• Scaling: As a monolithic application, the system scales vertically by increasing the resources (CPU, RAM) allocated to the server.

10. Challenges and Future Enhancements

Challenges:

• Verifying that the post link actually belongs to the Teamster remains a manual process, which introduces the possibility of fraud.
• Handling large volumes of submissions (e.g., 4,000+ per promotion) and ensuring performance.

Future Enhancements:

• Add validation checks to confirm that post links match the Teamster’s social media account.
• Explore horizontal scaling or refactor to microservices for improved scalability.
• Add integration with additional social media platforms for broader campaign support.

• Live Site
  • Admin Username & Password: mainuser@gmail.com, 12345678
  • CM Username & Password: cmuser@gmail.com, 12345678
  • Teamster Username & Password: user1@gmail.com 12345678