This simple app is create just to demonstrate usage of Next.js with aws Lambda backend and postgress database connected via drizzle orm.

• General: Typescript
• Client: Next.js
  • Pages router
  • MUI material UI components
  • Wagmi and web3modal for wallet connection
  • Vercel for deployment
  • Jotai - atom based state management
• HTTP REST API: NodeJS
  • AWS Lambda
  • Drizzle ORM for Postgress using Neon
  • Cloudformation & aws Typescript starter for deployment

• Database:
  • Configure data base on your server or managed solution (e.g Neon or RDS)
  • get connection url from there
• Server:
  • cd be
  • npm install
  • npm run build
  • make sure that you have AWS credentials and cli setup and redy for usege
  • ./1-create-bucket.sh to create bucket for deployment
  • ./2-deploy.sh to deploy the app to aws lambda
  • set up env variables in aws lambda console
    • DATABASE_URL - connection url to your database
• Client:
  • cd fe
  • setup .env file with NEXT_PUBLIC_API_URL pointing to your lambda endpoint
  • npm install
  • npm run dev

• Database:
  • No tradeoff taken, Neon in comparison to AWS RDS just easier to setup and 100% free no mater what happens
  • Drizzle is much better ORM than Prisma as it has query builder and more "native" approach to SQL databases , so not introduces too much custom syntax and other things
• Authentication:
  • Main trade off in this solution, there is very limitted security layer on front-end that just matches wallet number to user
  • Proper solution should have vendor integration with smth like Auth0 or privy.io . In case if wallet connection is priority as well I would go to privy, because of web3 wallets support, while Auth0 is more for email/OTP based auth
  • this will result in need to operate with JWT tokens
  • on front-end then middleware from next-auth should be used, which will automatically handle if user is authenticated otherwise redirect to login page
  • on backend, middleware should be used to verify JWT token and extract user id from it
  • basing on user id extracted middleware should be written that will check resource ownership for edit and delete routes
  • token will be generated by authentication provider
  • backend will decode it using secret
  • this is pretty typical solution for auth in modern web apps, nevertheless it is not implemented here because of time constraints
  • Please check diagram in login_approach.png for more details
• Front-end:
  • Not so much tradeoffs here, just simple MUI components and Next.js pages
  • UI could be more fancy, but it is not the main goal of this project. I hope it is just clean and functional
• Backend:
  • middlewares for simplifying bodyparsing and HTTP method handlers management could be implemented / reused from some library