LIA's Hyperlocal Mission

LIA, a hyperlocal employability platform for a remote Brazilian coastal district, is designed to connect local retail jobs, gigs, and build a reputation layer, all prioritized by proximity. Unlike national job boards, LIA focuses on immediate, local opportunities.

Implementing Clean Architecture for Scalability

The backend of LIA is structured using a strict Clean Architecture pattern. This approach enforces a unidirectional dependency flow: outer layers depend on inner layers, never the reverse. This separation of concerns is crucial for maintainability and testability as the platform grows.

The core directory structure reflects this:

backend/src/
├── domain/
│   ├── entities/
│   └── repositories/       # interfaces only
├── application/
│   ├── dto/
│   └── use-cases/
├── infrastructure/
│   ├── database/
│   └── repositories/       # Prisma implementations
├── presentation/
│   ├── controllers/
│   └── routes/
└── main.ts

This layered approach ensures that the core business logic (domain) remains independent of external concerns like databases or web frameworks. The application layer orchestrates use cases, while the infrastructure layer handles concrete implementations, such as database interactions with Prisma. The presentation layer interfaces with the outside world via controllers and routes.

Secure Password Hashing with Argon2id

A critical component of user registration is secure password handling. LIA employs Argon2id, the winner of the Password Hashing Competition, for its robust security features. Argon2id is resistant to GPU cracking, time-memory trade-offs, and other sophisticated attacks that plague weaker hashing algorithms like bcrypt or MD5.

The decision to use Argon2id was deliberate, prioritizing long-term security over marginal performance gains. The implementation details, extracted directly from the repository, showcase how this security measure is integrated into the registration flow. This involves configuring Argon2id with appropriate parameters for memory, iterations, and parallelism to balance security with acceptable performance for the registration process.

The RegisterUserUseCase

The RegisterUserUseCase orchestrates the user registration process. It receives user data, validates it, hashes the password using Argon2id, and then interacts with the domain's repository interfaces to persist the new user. This use case resides in the application layer, ensuring it remains framework-agnostic.

The use case would typically involve steps such as:

  • Receiving registration data (username, email, password) via a DTO (Data Transfer Object).
  • Validating the input data for format, length, and required fields.
  • Checking if a user with the given email or username already exists, leveraging the domain repository interfaces.
  • Hashing the provided password using the configured Argon2id algorithm.
  • Creating a new user entity with the validated and hashed data.
  • Persisting the new user entity using the domain's user repository interface.
  • Returning a success or failure response, potentially including the newly created user's ID or a confirmation token.

This layered and secure approach ensures that LIA's user registration is not only functional but also built on a foundation of robust security practices, making it resilient against common credential-based attacks.

Fastify and Prisma Integration

The Fastify framework provides the web server capabilities for LIA, handling incoming HTTP requests and routing them to the appropriate controllers. Prisma serves as the Object-Relational Mapper (ORM), simplifying database interactions. The infrastructure layer contains the Prisma client and the concrete repository implementations that translate domain repository interfaces into Prisma queries.

This setup allows developers to focus on the business logic within the domain and application layers, abstracting away the complexities of web requests and database operations. The separation ensures that if the web framework or database technology needs to be swapped in the future, the core logic remains unaffected.

Future Iterations

This first part focuses on the foundational implementation of the registration flow. Subsequent parts will likely explore other features of LIA, such as the gig matching algorithm, reputation system, and further refinements to the architecture and security measures. The current implementation sets a strong precedent for building a secure, scalable, and maintainable application.