Cora Chat Engineering

Introducing Cora Chat

Do you find it bothersome to have separate applications for communicating to your colleagues? Are you aware of any other community service businesses that provide integrated seamless chat applications? If you have, which I doubt, does it look visually pleasing, provide prompt user friendliness and the ability to update, add or delete features within it? These were the questions our team asked to a multitude of people within the industry, we received a plethora of positive responses and then our dev team went to work.

Main Features of Cora Chat

Diversity Sync’d derives its core values from its inherent flexibility to build features that suit your business. Considering effective communication is vital to any organization and with the goal to further improve the fluidity and integration of important features, we are ecstatic to introduce Cora Chat.

Cora Chat is a serverless real-time chat feature built with AWS AppSync and the AWS AppSync SDK for JavaScript. As we are all aware, internet connections can sometimes be unreliable, with clients connected to a variety of connection types including, 3G, LTE, Wi-Fi, and more, or even offline. Therefore, within our core development considerations we have prioritized consistent user experience across any connection type. Furthermore, considering Diversity Sync’d is available on both the web and mobile, the introduction of Cora Chat will allow our clients to seamlessly switch between their devices to suit any working environment, which has all been made possible through AppSync’s real-time and offline capabilities.

Why We Chose AppSync & GraphQL

AppSync has been proven to be an effective tool for large companies to build with, boasting an impressive clientele, including Sky Italia to deliver real-time sports updates, BMW Group to build scalable and universal APIs, as well as HyperTrack for real-time data processing for live location tracking, whilst also including streaming services like Peacock.

Essentially AppSync provides simple and secure data access, allowing developers to seamlessly prototype, build, and deploy robust, collaborative, multi-user users by simplifying data retrieval and manipulation across many data sources, with no servers to manage. When devices are connected, AppSync keeps data updated, however it also allows developers to create offline solutions by caching data locally and synchronizing it when connections are available. Therefore, offline capability allows Cora Chat to interact with data whilst user’s devices are offline, albeit remaining usable when network connectivity is lost. Thus, providing Cora Chat users with access to conversation history and the ability to queue outbound messages, despite the connection status of the device.

AppSync achieves its full capabilities through using a data language called GraphQL to develop APIs. AppSync provides GraphQL with securely connected data sources such as DynamoDB, Lambda, and others, providing a fully managed service that makes developing GraphQL APIs simple. Other pertinent services allow the integration with AWS Identity and Access Management and Amazon Cognito User Pools, so you can get fine grained permissions on GraphQL operations and keep users and app data secure. In short, AppSync is a fully managed serverless GraphQL solution that enables real-time data queries, synchronisation, communications, and offline programming.

GraphQL is a type system for defining schemas that works at the application layer. These schemas serve as specifications for how operations on the data should be carried out and how the data should be organised when it is retrieved. GraphQL has been an important language within development, allowing our developers to request, change, and subscribe to the exact data needed, all within a single network request. Interconnecting AppSync’s real-time and offline capabilities with GraphQL’s responsive data query language for querying data sources through dynamic query executions served as the key tools to the success of Cora Chat.

Our Objectives

Our main objectives with Cora Chat remain consistent from research and development to user use. We have focused on Modernized Modelling to ensure the best design patterns and our service choices are optimal and up to date, with our second focus on Decompartmentalizing our folders, files, databases and functions to allow for complete flexibility of code, and finally, arguably the most important is consistent and reliable Security practices.

1. Modernized Modelling

AWS AppSync provides superior scalability to hold thousands of conversations within our secure Dynamo Databases. Logical and easy to follow logistics of code functionality, to be able to integrate other technologies we may use in the future. AWS AppSync integrates into popular mobile application frameworks including iOS, Android and JavaScript, and automatically enables Cora Chat for real-time and offline functionality. Our goal to adopt more modern patterns and technologies, and for our mobile app a significant overhaul of our apps may be required. We’ll talk about those phases of the project, and the result of the initiative as a whole within our mobile release post.

2. Decompartmentalise to Allow Flexibility

Allow for all code to be easily updated, added or deleted. Breaking into smaller components improves code maintainability and readability, as well as can reduce build times. Also improves collaboration when working, fixing or updating features. As well as dealing with bugs. Developers quickly realised the importance, and benefits to time management decompartmentalization achieves. Within early development of Cora Chat, majority of our components were all packed into one file, with multiple other files scattered within the same folder. Whilst naming conventions helped navigate, switching to a more decompartmentalised structure improved the development experience, resulting in a more streamlined production environment.

3. Security

At Diversity Sync’d we pride ourselves of ensuring our users data is protected from data theft. To achieve our information security goals we use the CIA triad as a guide to protecting valuable information from unauthorized access, modification and distribution. The CIA triad has the goals of confidentiality, integrity and availability. Confidentiality is the protection of information from unauthorized access, meaning only those who are authorized are allowed to have access to the information. The goal of integrity is to ensure no information is altered or changed, unless authorized changed are made. An example of this within Cora Chat is that, the messages you receive from the sender are not altered by an unauthorized attacker, for example Man-in-the-middle-attack. Lastly, the goal of availability is that information needed is available when and where required. For example, if an authorized user required access to their conversation between another authorized user, to meet the goal of availability, the user must have access to this conversation when necessary. In conjunction with our main information security goals, further mitigation to attack on our Cora Chats security will be implemented. Hiring trusted penetration testers that we have worked with for other features of Diversity Sync’d, will assist our team to identify and resolve security vulnerabilities.

Let’s Get Technical

Cora Chat Architecture

To communicate with the backend data sources, the AWS AppSync SDK for JavaScript was used. Then there’s GraphQL, where a GraphQL schema defines the AWS AppSync API and resolvers are connected with queries and mutations. These resolvers use request and response mapping templates to read data from and write to defined data sources. Within Cora Chat, four Amazon DynamoDB tables have been used:

1. User Table: To store users Cognito Id, username, and registered status

2. Message Table: To store messages correlating to users and conversations

3. Conversation Table: To store conversations name, users and messages within conversation

4. User Conversation Table: To store associated users with a conversation

Data Model

This model illustrates that any one user can have many user conversations with registered users, and each user conversation is associated with one conversation. Where one conversation can have many user conversations and many messages within a conversation. To make all this possible we utilize GraphQL’s operations, including, Queries, Mutations and Subscriptions. Where queries were used to fetch the list of users, related conversations and messages. Mutations to create users, messages, conversations, and user conversations. Subscriptions were used to listen to mutations to automatically retrieve new users, messages and user conversations.

Attachments

Cora Chat allows users to upload, send and download attachments within conversations. This has been made possible through the use of AWS Lambda, Simple Storage Service (S3) and API Gateway. Cora Chat utilized an Amazon S3 bucket to store user’s attachment files when sent as a message. When uploading files to S3, Cora Chat have a presigned URL generated through a Lambda function interconnected through API Gateway to give access to the object identified. Considering buckets are private by default, presigned URLS allow Cora Chat users to upload a specific object to the bucket, whilst not requiring them to have AWS security credentials or permissions. After a user has sent the attachment as a message, the file is uploaded as an object to our Cora Chat Attachments bucket. From here the file’s name is stored within S3 as the unique id generated for the message. This allows users to click an attachment and the backend instantly knows the attachment clicked is equal to the attachment stores in S3. To download a file, a lambda function is triggered to get the specific object within the bucket that then returns a downloaded string URL. This URL then automatically gets downloaded to the user’s browser with options to save in the directory the user wishes.

Measuring Progress & Metrics Used

Within the research and development of Cora Chat, having clear metrics to track progress for each task/goal was paramount to the success of this project. Agile methodologies including Scrums and Kanban boards, to push for continuous collaboration between planning, executing and evaluating. Considering there wasn’t a deadline, no burndown chart was utilized, however a Gantt chart was constructed to keep our team liable.

Throughout development the team gathered bugs using Atlassian Jira, noted tasks progression through Trello, and had direct communication to designers, developers and admin through Slack. Moreover, our GitHub private repository was utilized by team members, including comprehensive comments to our commits positioned within relevant branches. Furthermore, to maintain and improve readability, comments within our code are included where necessary and clear naming conventions have been used. In regards to our use of agile methodologies, our team constructed a simple Scrum structure. Including daily meetings and weekly retrospective meetings to ensure goals are being and progression is being made.

Conclusion

After approximately 6 months of research and development dedicated to Cora Chat, we finished the project. As a team we successfully met all our objectives and completed all tasks! As development for updates continue, our main objectives of modernized modelling, decompartmentalizing and security will be a priority. Every component has been individually developed to be maintainable and customizable, therefore any suggestions for future improvements no matter how small are more than welcome!

‍