MCVIngenieros/mmorales.photo
3
1
Fork 0
Code Issues 15 Pull Requests 1 Actions 2 Projects 3 Releases Wiki Activity

readme

Browse Source
This commit is contained in:
MANUEL JUAN MORALES AMAT
2025-08-04 13:19:13 +02:00
parent bddcc7514e
commit 0a319df9bf
1 changed files with 126 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

169
README.md
View File

@@ -1,60 +1,143 @@
# mmorales.photo
## 1. Descripción General
mmorales.photo es una plataforma web para la gestión, exhibición y venta de fotografías profesionales. Permite a fotógrafos administrar su portafolio, interactuar con clientes y facilitar la compra de imágenes digitales o impresas.
## Problem
## 2. Análisis de Requisitos
As digital photographers, there are few alternatives to showcase their work.
Many of them require web development skills.
Many lack support for selling or appointment booking.
Many do not offer enough storage.
Many do not offer custom layouts or domain naming.
Many rely on platforms that sell services as a service (SaaS).
Most rely on platforms that sell hosting as a service (IaaS).
Most do not have user interactivity, resulting in a simple gallery without feedback.
### Requisitos Funcionales
Many amateur photographers use Instagram as a gallery and portfolio. Then, they use Dropbox, WeTransfer, Google Drive, or similar platforms. They rely on manual methods for paying for services, such as wire transfer or cash, sometimes leading to loss of money or loss of a client due to client dissatisfaction.
- Registro y autenticación de usuarios (fotógrafos y clientes).
- Gestión de portafolio fotográfico (subida, edición, categorización).
- Visualización pública de galerías.
- Compra de fotografías (descarga digital y pedido de impresión).
- Panel de administración para fotógrafos.
- Sistema de comentarios y valoraciones.
- Notificaciones por correo electrónico.
## Proposal
### Requisitos No Funcionales
A platform with three kinds of view:
- Seguridad en el manejo de datos y pagos.
- Escalabilidad para soportar múltiples usuarios y galerías.
- Interfaz responsiva y accesible.
- Integración con pasarelas de pago.
1. A client view: A simple gallery with easy contact and appointment booking methods. With a history of purchases and services to access private galleries where images can be downloaded without restrictions. These galleries must be able to be shared across users so one pays, all get access.
## 3. Arquitectura del Sistema
2. A content manager view: A simple administration page for uploading content, customizing the current content (such as website name, icon, and current images displayed), and creating buyers' galleries. It must also be able to moderate user-generated content, such as public gallery comments.
- **Frontend:** Aplicación web en React (front/) para la interfaz de usuario.
- **Backend:** API REST en Node.js/Express (back/) para la lógica de negocio y acceso a datos.
- **Base de Datos:** PostgreSQL o MySQL (bd/) para almacenamiento de usuarios, fotos y transacciones.
- **Almacenamiento de Imágenes:** Servicio externo (ej. AWS S3) o almacenamiento local.
- **Autenticación:** JWT y OAuth para login seguro.
- **Infraestructura:** Despliegue en servidores cloud (ej. AWS, Azure) con CI/CD.
3. An administrator view: A more complex display of web-related content. The admin can edit service-related items, such as adding content managers, editing payment methods, changing website name, icon, fonts, and component CSS. It must also be able to look up non-sensitive user details such as name or email to assist users in need.
## 4. Casos de Uso
The solutions must be oriented towards user experience and satisfaction.
It must also provide user security and protect photographers' work.
For non-techies, it must provide an easy way to manage, use, and host; the out-of-the-box experience must be excellent.
For techies, it must provide a self-hosted environment, allowing customization of less critical parts such as mailing, frontend layout, and database provider.
- **Fotógrafo:** Registra su cuenta, sube fotos, organiza galerías, revisa ventas y comentarios.
- **Cliente:** Navega galerías, compra fotos, deja comentarios y valoraciones.
- **Administrador:** Modera contenido, gestiona usuarios y reportes.
### Objectives
## 5. User Stories
We expect:
- Como fotógrafo, quiero subir y organizar mis fotos para mostrar mi portafolio.
- Como cliente, quiero buscar y comprar fotos fácilmente.
- Como administrador, quiero moderar contenido inapropiado.
- To fulfill the needs of new professionals and provide a solid alternative for established ones.
- A secure and professional way to deliver digital photography work to clients.
- A collaborative platform between photographers and clients to enable better work.
- The easiest-to-use and best out-of-the-box experience for new clients.
## 6. Modelos de Datos (Ejemplo)
### Monetization
- **Usuario:** id, nombre, email, rol, contraseña, fecha_registro
- **Fotografía:** id, título, descripción, url, precio, fotógrafo_id, fecha_subida, categoría
- **Compra:** id, cliente_id, foto_id, fecha, tipo_entrega, estado
- **Comentario:** id, usuario_id, foto_id, texto, fecha
__What do we sell?__ We sell a fire-and-forget service.
__What do customers pay for?__ Non-techies pay for setup, management, support, and storage. Techies pay for support.
__How do customers receive the product?__ Non-techies receive a pre-made setup on their desired hosting. Techies receive a click-and-run service.
__How much do we receive per product?__ As a product, we do not receive anything. As a service, we license the service monthly, yearly, or by one-hour support service.
## 7. División de Tareas
### Scope
- **Frontend:** Diseño de UI, integración con API, gestión de estado, vistas responsivas.
- **Backend:** Desarrollo de endpoints, lógica de negocio, autenticación, integración con base de datos.
- **Base de Datos:** Diseño de esquemas, migraciones, optimización de consultas.
- **DevOps:** Configuración de CI/CD, despliegue, monitoreo.
- **QA:** Pruebas unitarias, de integración y de usuario.
#### What IS included
- Provide a friendly, comfortable, and fast frontend; an agile and resilient backend.
- Offer broad customization options regarding infrastructure.
- Deliver the most simple and satisfying out-of-the-box experience possible.
- Enable integration with multiple cloud storage providers and local storage.
- Support for multi-language and accessibility features.
- Ensure data privacy and security for users and photographers.
- Provide basic analytics and usage statistics for administrators.
- Allow easy deployment on various hosting environments (cloud, on-premises, hybrid).
#### What is NOT included
- Payment gateways.
- Extensive customization of the visual design.
- Hosting management tasks.
- Advanced marketing automation tools.
- Third-party plugin marketplace.
- Deep integration with external CRM or ERP systems.
### Risks and Mitigations
| Risk | Description | Mitigation |
|------|-------------|------------|
| Vendor lock-in | Dependence on a single cloud provider may limit flexibility and increase costs. | Support multiple storage providers and allow easy migration between them. |
| Data loss or corruption | Images or user data could be lost due to hardware failure or software bugs. | Implement regular backups, redundancy, and data integrity checks. |
| Security breaches | Unauthorized access to private galleries or sensitive user data. | Use strong encryption (HTTPS, AES), MFA, and regular security audits. |
| Scalability issues | Performance degradation as the number of users or images grows. | Design for horizontal scalability and monitor system performance. |
| Legal and compliance | Failure to comply with data protection laws (GDPR, etc.). | Store data in compliant regions and provide clear privacy policies. |
| User adoption | Users may find the platform difficult to use or not see its value. | Focus on user experience, provide onboarding guides, and collect feedback. |
| Third-party service outages | External services (cloud, identity providers) may become unavailable. | Implement fallback mechanisms and monitor service health. |
| Cost overruns | Unexpected expenses in infrastructure or development. | Monitor costs, set budgets, and optimize resource usage. |
### How-To
Based on a three-layered architecture, each layer must present a plug-and-play architecture.
__As frontend__, we are starting with Angular as a base, then creating Vue and React alternatives.
It will follow a clean architecture based on the scream architecture approach.
To make rendering easy for low-end/home servers, it will mainly use client-side rendering.
For identity verification, the frontend will rely on OpenID data provided by the backend, using a cookie ID and JWE for identification.
For UI layout, mobile and tablet will be preferred as end devices. Computers and large-sized devices will be last in layout responsibility. The UI will be built by composing different small components, following a Vue-like philosophy.
__As backend__, we are deploying a C# .NET engine. As a self-host-aware project, we need to ensure platform compatibility. A cloud-native approach will be taken, providing a system-agnostic platform. Cross-compiling will be a must. Database-agnostic, it will use SQLite as the default database for fallback and non-customized database. PostgreSQL will be used for SQL-based database development, making it pluggable and interchangeable with Microsoft SQL Server and other SQL providers like CockroachDB.
For architecture, we will take a Domain-Driven approach. Using EntityFramework for database operations makes development faster and database-agnostic.
For security, all communications will be made via HTTPS and encrypted with military-grade AES.
Also, to make user registration easier, we will use as many identity providers as possible, such as Google, Facebook, Instagram... Once registered, users need to access as easily as possible, so passwordless access should be implemented. For security, an MFA system will be required.
To be able to respond to energy shortages, we will use DAPR and some edge computing technologies.
To be more resilient against some attacks, we will implement BFF (Backend for Frontend) technology.
For custom gallery creation, we will use a parallel processor based on messaging.
__As database__, we are going to choose a database-agnostic approach.
Since during development we will ignore database layout, we are going to expose two configurations for two kinds of data levels.
User-related data will be presented as the SensibleData database.
Images and other blobs will be presented as the BlobData database.
As a cloud-native approach, we will take blob storage as a service-independent module, so users can use their own disk space or services such as:
- __Amazon S3:__ Highly scalable, reliable, and widely used object storage service.
- __Microsoft Azure Blob Storage:__ Secure and scalable storage for unstructured data, integrated with the Azure ecosystem.
- __Google Cloud Storage:__ Global object storage with strong integration to Google Cloud services.
- __DigitalOcean Spaces:__ Simple and cost-effective object storage compatible with the S3 API.
- __Backblaze B2:__ Affordable cloud storage with S3 compatibility.
- __Wasabi:__ High-performance, low-cost cloud storage with S3 API support.
- __IBM Cloud Object Storage:__ Enterprise-grade, scalable object storage.
- __MinIO:__ Self-hosted, S3-compatible object storage solution for on-premises or private cloud.
### Glossary
__Frontend:__ The part of the application that users interact with directly, typically the website or app interface.
__Backend:__ The server-side part of the application that handles business logic, data storage, and communication with other services.
__SaaS (Software as a Service):__ A software distribution model in which applications are hosted by a service provider and made available to customers over the internet.
__IaaS (Infrastructure as a Service):__ A form of cloud computing that provides virtualized computing resources over the internet.
__Client-side rendering:__ Rendering of web pages in the user's browser using JavaScript frameworks.
__Server-side rendering (SSR):__ Rendering of web pages on the server before sending them to the user's browser.
__OpenID:__ An authentication protocol that allows users to log in to multiple services with a single identity.
__JWE (JSON Web Encryption):__ A standard for encrypting data in JSON format, often used for secure transmission of authentication tokens.
__MFA (Multi-Factor Authentication):__ A security system that requires more than one method of authentication from independent categories of credentials.
__BFF (Backend for Frontend):__ An architectural pattern where a dedicated backend is built for each frontend application to optimize communication and security.
__Domain-Driven Design (DDD):__ An approach to software development that focuses on modeling software to match a domain's business concepts and logic.
__EntityFramework:__ An object-relational mapper (ORM) for .NET, used to interact with databases using .NET objects.
__Blob Storage:__ A service for storing large amounts of unstructured data, such as images, videos, and documents.
__Plug-and-play architecture:__ A design approach that allows components to be easily added, removed, or replaced without affecting the rest of the system.