Technical Architecture
Overview
The Conference Expo Portal v2.0 will be built as a modern web application using a monolithic backend architecture with a separate frontend application. This approach provides a good balance between development efficiency and scalability for our current needs. The system consists of:
- A NestJS-based backend API that handles all business logic, data processing, and external service integrations
- A Nuxt.js frontend application that provides the user interface
- Managed services for database, caching, and file storage
This document outlines the technical architecture, technology choices, and infrastructure design.
System Architecture
The system will be built on DigitalOcean's infrastructure, comprising:
- Frontend: Nuxt.js application
- Backend: NestJS API
- Database: Managed PostgreSQL
- Cache/Queue: Managed Valkey
- Storage: DigitalOcean Spaces
- Load Balancing: DigitalOcean Load Balancer
Technology Stack
Frontend
- Framework: Nuxt.js 4.x
  - Vue.js 3.x
  - TypeScript
  - Tailwind CSS 4.x
  - Composition API
- Key Features
  - Server-side rendering
  - Type safety with auto-generated TypeScript SDK (Orval)
  - Component-based architecture
  - Responsive design
  - State management
  - Form handling
  - File upload management, including chunking of large (1 GB+) files
  - Type-safe API client with full IntelliSense
Backend
- Framework: NestJS 11.x
  - Node.js 22.x LTS
  - TypeScript
  - REST API architecture
  - OAuth 2.0 authentication
  - TypeORM
  - Swagger/OpenAPI auto-generation
- Key Features
  - Business logic implementation
  - Data validation with class-validator
  - Authentication with Passport
  - File processing
  - Background jobs with Bull
  - External service integration
  - Automatic API documentation generation
Database
- Technology: DigitalOcean Managed PostgreSQL
- High availability
- Automated backups
- Query optimisation
- Database migrations with TypeORM
- JSON/JSONB support for flexible data structures
- Full-text search capabilities
Infrastructure
- Hosting: DigitalOcean
  - App Platform for frontend
  - Droplets for backend
  - Managed services
  - Load balancer
  - CDN integration
- Deployment
  - Automated CI/CD
  - Zero-downtime deployments
  - Environment-based configuration
  - Health monitoring
Security Architecture
Authentication
- OAuth 2.0 via Passport.js
  - Password grant for first-party Nuxt.js application
  - Authorization code grant for third-party API clients
  - Client credentials grant for server-to-server integrations
- Token-based authentication
  - JWT tokens for stateless authentication
  - Short-lived access tokens (15 minutes) for API requests
  - Long-lived refresh tokens (30 days) for session persistence
  - Refresh tokens stored in HttpOnly cookies (XSS protection)
  - Access tokens used in Authorization headers
- Stateless API design
  - No server-side session storage
  - Token validation on each request
  - Token introspection for permission checks
- Token management
  - Automatic token refresh via Nuxt middleware
  - Token revocation on logout
  - Immediate invalidation when account status changes
- Role-based access control
  - User roles: administrator, organiser, sponsor
  - Permission scopes for third-party applications
  - Granular API endpoint protection using NestJS Guards
- Security measures
  - Rate limiting on authentication endpoints using @nestjs/throttler
  - Progressive delays after failed login attempts
  - Temporary account lockout after excessive failures
  - Audit logging of all authentication events
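The progressive delay, temporary lockout and audit logging listed under Security measures can be sketched as a per-account policy that sits beside the per-endpoint rate limit. This is an added example, not code from the project: the class name, the thresholds and the in-memory store are all assumptions.

```typescript
// Added example: per-account login throttle. Every threshold below is an assumed value.
interface Decision { allowed: boolean; reason: "ok" | "delay" | "locked"; retryAfterMs: number }
interface AttemptState { failures: number; blockedUntil: number; locked: boolean }

const BASE_DELAY_MS = 1_000;     // assumed: wait after the first failure
const MAX_DELAY_MS = 30_000;     // assumed: cap on the progressive delay
const LOCKOUT_THRESHOLD = 8;     // assumed: consecutive failures before lockout
const LOCKOUT_MS = 15 * 60_000;  // assumed: length of the temporary lockout

class LoginThrottle {
  private state = new Map<string, AttemptState>();
  readonly audit: string[] = []; // stand-in for the real audit log sink

  // Key on the normalised account so case or whitespace variants share one counter.
  private key(account: string): string { return account.trim().toLowerCase(); }

  // Call before touching the password hash; a blocked attempt is rejected unverified.
  check(account: string, now: number): Decision {
    const s = this.state.get(this.key(account));
    if (!s || now >= s.blockedUntil) return { allowed: true, reason: "ok", retryAfterMs: 0 };
    return { allowed: false, reason: s.locked ? "locked" : "delay", retryAfterMs: s.blockedUntil - now };
  }

  // Call after a failed credential check.
  recordFailure(account: string, now: number): void {
    const k = this.key(account);
    const prev = this.state.get(k);
    // An expired lockout starts a fresh count, which is what makes the lockout temporary.
    const expiredLock = prev !== undefined && prev.locked && now >= prev.blockedUntil;
    const failures = prev && !expiredLock ? prev.failures + 1 : 1;
    const locked = failures >= LOCKOUT_THRESHOLD;
    const wait = locked ? LOCKOUT_MS : Math.min(BASE_DELAY_MS * 2 ** (failures - 1), MAX_DELAY_MS);
    this.state.set(k, { failures, blockedUntil: now + wait, locked });
    this.log(now, locked ? "login_lockout" : "login_failure", k, failures);
  }

  // Call after a successful login; clears the counter.
  recordSuccess(account: string, now: number): void {
    this.state.delete(this.key(account));
    this.log(now, "login_success", this.key(account), 0);
  }

  // JSON-encode the record so a hostile username cannot forge extra audit lines.
  private log(ts: number, event: string, account: string, failures: number): void {
    this.audit.push(JSON.stringify({ ts, event, account, failures }));
  }
}
```

With more than one backend instance behind the load balancer, the counters would have to live in a shared store (the Managed Valkey instance is the obvious candidate) rather than in process memory.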
Data Protection
- SSL/TLS encryption
- Database encryption
- File encryption
- Secure headers
- DDoS protection
Integration Points
External Services
- Stripe
  - Payment processing using hosted Checkout
- Nimlogix API
  - Stand design integration
  - Artwork requirements
  - Artwork review and approval/rejection
Development Approach
Code Organisation
- Domain-driven design within monolithic structure
- Clear separation of business domains (events, stands, artwork, payments)
- Domain-specific models, services, and controllers
- Shared infrastructure and utilities
- Type definitions
- API client generation
- Swagger/OpenAPI documentation auto-generated by NestJS
- TypeScript SDK auto-generated for frontend using Orval
- Type-safe API calls with full IntelliSense support
- Automatic synchronization between backend and frontend types
- Automated testing
Deployment Strategy
- Continuous integration
- Automated testing
- Environment-based deployments
- Development environment for active development
- Staging environment for pre-production testing
- Production environment with zero-downtime deployments
- Environment-specific configuration
- Monitoring and logging
Performance Considerations
- Caching strategy
- Database optimisation
- CDN integration
- Load balancing
- Background job processing
Monitoring and Observability
- Application monitoring
- Error tracking
- Performance metrics
- Database monitoring
- Alert management
Future-Proofing
- Domain-driven design implementation
  - Business domains (events, stands, artwork, payments) as separate modules within the monolithic application
  - Clear boundaries between domains using interfaces and service classes
  - Domain-specific models and repositories
  - Shared infrastructure for cross-domain concerns
  - Preparation for potential future service extraction
- API versioning
  - Versioned API routes (e.g., /api/v1/stands, /api/v2/stands)
  - Backward compatibility for existing clients
  - Deprecation strategy for old versions
- Extensible architecture
  - Service interfaces for external integrations
  - Event-driven architecture for domain communication
  - Plugin system for extending functionality
- Scalable infrastructure
  - Horizontal scaling of application servers
  - Database read replicas
  - Caching strategy
- Maintainable codebase
  - Comprehensive documentation
  - Automated testing
  - Code quality tools
  - Regular dependency updates
For detailed API specifications, see the API Documentation. For database schema details, refer to the Database Schema.