556f74b196
Approved proposals:
- Data Model v1: Consolidated schema with PHI/PII classification
- Authentication System: OAuth2/OIDC with RBAC & pseudonym support
- Design System: Unified components with WCAG 2.2 AA+ compliance
Applied to specs:
- openspec/specs/data-model.md (updated with full schema)
- openspec/specs/authentication.md (new)
- openspec/specs/design-system.md (new)
- openspec/specs/architecture.md (added infrastructure references)
All infrastructure proposals now approved and ready for implementation.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
2.6 KiB
2.6 KiB
Architecture & APIs
Status: approved Owners: Architecture
Overview
- Modular, domain‑driven architecture with clear boundaries and open APIs.
Modules
- Identity & Profiles, Forum, Content (Blog/Resources), Media (Podcast), Tribute, Commerce, Compliance, Platform (Design System + Apps), Integration.
Client platforms
- Mobile: Android/iOS (proposed: React Native/Expo or Flutter — to be decided via proposal)
- Web: Next.js/SSR or Flutter Web — parity is mandatory and defined per feature spec
Backend
- Proposed: API service with OpenAPI, Postgres primary store, object storage for media, search index for forum/content, queue for async tasks.
API standards
- REST+JSON with OpenAPI; WebSocket for realtime forum/presence; OAuth2/OIDC; rate limits; pagination; idempotency keys.
Data boundaries
- Strict separation of PHI/PII domains; audit and consent services.
Quality gates & SLOs
- SLOs: p95 API latency ≤ 300ms for read endpoints; p95 ≤ 600ms for writes; 99.9% uptime for auth and read APIs, 99.5% for writes.
- CI: OpenAPI validation, breaking‑change detection, security linters, dependency vulnerability checks.
- No PHI/PII in logs; redaction in place before merging.
Implementation notes
- Platform decision path: compare RN/Expo vs Flutter (mobile) and Next.js vs Flutter Web (web) in focused proposals; both must meet a11y and parity requirements.
- Feature flags for risky changes; explicit rollback procedures in each proposal.
Supporting Infrastructure Specs
Data Model
- Consolidated schema with all entities across features
- Field-level data classification (Public/PII/PHI)
- Relationships, indexing, retention policies
- See:
openspec/specs/data-model.md
Authentication & Authorization
- OAuth2/OIDC with RBAC and pseudonym support
- Session management, MFA, account security
- Compliance-friendly audit logging
- See:
openspec/specs/authentication.md
Design System
- Unified component library across Android/iOS/Web
- Design tokens (colors, typography, spacing)
- WCAG 2.2 AA+ accessibility built-in
- See:
openspec/specs/design-system.md
Decisions
- <record cross‑cutting decisions here>
Client platform decisions
- Mobile: React Native + Expo (TypeScript). Rationale: strong a11y ecosystem, mature tooling, and DX. Notes: Expo modules; E2E via Detox; push via Expo/FCM/APNs.
- Web: Next.js (SSR). Rationale: semantic HTML, SEO, CWV, and ecosystem maturity. Notes: App Router, server actions; sitemap, RSS for blog/resources.
Decision log
- 2025-11-17 — Mobile stack: React Native + Expo.
- 2025-11-17 — Web stack: Next.js (SSR).