This solution will to be able to track vehicles position using GPS navigation. A device emboarded in a vehicle, will communicate with this API to register the vehicle and update its position.
The API gateway will recieve requests from the any client facing Application and direct them to their respective API endpoint where it will processed. Identity and Role information will be stored on the SQL Database, while the Vehicle and it's location information will stored on the Non relataional (Cosmos Databases)
-
Scalability: There will be 10,000 vehicles equipped with the device recording their location every 30 seconds. We need to ensure the solution is scalable and the database correctly designed for that amount of records.
-
Extensibility: If the customer wants to store more properties (fuel, speed, etc.). How do we extend the data model to support it?
-
Security: We need to ensure a device or user cannot update the position of another vehicle .
Keeping the considerations in mind, this solution was developed.
To ensure scalability and ease of extending the database solution for future a non relational database was selected. Unlike a traditional SQL database, it's needless to update the schema eachtime. However I had to make use of SQL databases for storing user registration and roles information
For security I ensured encoding user registration email,role infomation(user/admin) vehicle registration into JWT tokens,which will be used on subsequent requests to authenticate a user or an admin
In addittion I have implemented the following.
-
API Gateway: In order provide security to the API considering overuse and abuse and for more control over monitoring the usage.This also comes with a developer portal experience so that the developer can test the APIs on the browser prior integration.
-
CI/CD pipeline: Using Github actions all the changes I pushed to repository will be build and it's binaries willl deployed to the API directly cutting any manual work of publishing APIs and identifying problems early.
-
Logging/Monitoring: I have enabled the use log streaming and application insights to monitor all incoming requests, thereby easier for investigating any failures or anomalies.
-
Validation: Using Fluent validation APIs to validate all incoming request bodies.
-
API documentation: For a seemless integration experience, API documentation is valuable. I have enabled Swagger API documentation for all requests.
https://dev-vehicletrackingapim.developer.azure-api.net/
Note: Click on Explore API button to see the list of the APIs
-
Please copy and replace the appSetting.json file provide via email.
-
Open the solution on Visual Studio 2019 or later.
-
Build the solution.
-
Run solution.
-
Use swagger Try out option/Postman rest client to test locally.
-
For security concerns only an existing admin user can create another admin user, to check the credentials of an existing admin user please refer to appSettings.json file