Software Requirements & Specifications
This document specifies the software requirements, dependencies, and technical specifications for developing and deploying the Dharini platform.
Runtime Requirements
Section titled “Runtime Requirements”Backend
Section titled “Backend”| Component | Version | Notes |
|---|---|---|
| Node.js | 22.x LTS | Required for NestJS runtime |
| PostgreSQL | 16.x | With PostGIS 3.4 extension |
| Redis | 7.x (Alpine) | For BullMQ job queues |
Web Frontend
Section titled “Web Frontend”| Component | Version | Notes |
|---|---|---|
| Node.js | 22.x LTS | Required for Next.js |
| Browser Support | Chrome 90+, Firefox 90+, Safari 14+, Edge 90+ | Modern browsers with ES2020 support |
Mobile App
Section titled “Mobile App”| Component | Version | Notes |
|---|---|---|
| Flutter SDK | ≥3.16.0 | Cross-platform framework |
| Dart SDK | ^3.5.4 | Language runtime |
| Android | API 21+ (Android 5.0) | Minimum supported version |
| iOS | 12.0+ | Minimum supported version (planned) |
Development Environment
Section titled “Development Environment”Prerequisites
Section titled “Prerequisites”| Tool | Version | Purpose |
|---|---|---|
| Docker | 24.x+ | Container runtime |
| Docker Compose | 2.x+ | Multi-container orchestration |
| Git | 2.x+ | Version control |
| Node.js | 22.x LTS | Backend and web development |
| Flutter SDK | ≥3.16.0 | Mobile development |
| Android Studio | Latest | Android SDK and emulator |
| VS Code / IDE | Latest | Recommended IDE |
Quick Start (Development)
Section titled “Quick Start (Development)”# Clone repositorygit clone https://github.com/dsih-artpark/dharini.gitcd dharini
# Copy environment templatecp .env.example .env
# Start development servicesdocker compose --profile development up -d
# Run database migrationsdocker exec -it backend npm run migration:runDevelopment Ports
Section titled “Development Ports”| Service | Port | URL |
|---|---|---|
| Backend API | 4000 | http://localhost:4000 |
| Web Frontend | 3000 | http://localhost:3000 |
| APK Server | 3001 | http://localhost:3001 |
| PostgreSQL | 5432 | localhost:5432 |
| Redis | 6379 | localhost:6379 |
| pgAdmin | 5050 | http://localhost:5050 |
Production Environment
Section titled “Production Environment”Infrastructure Requirements
Section titled “Infrastructure Requirements”| Component | Specification | Notes |
|---|---|---|
| Compute | 2 vCPU, 4GB RAM minimum | t3.medium or equivalent |
| Database | PostgreSQL 16 with PostGIS | AWS RDS recommended |
| Storage | 50GB+ SSD | For database, logs, APKs |
| Object Storage | S3-compatible | For media uploads |
| SSL | TLS 1.2+ | Required for HTTPS |
AWS Services (Recommended)
Section titled “AWS Services (Recommended)”| Service | Purpose |
|---|---|
| EC2 | Application hosting |
| RDS | Managed PostgreSQL |
| S3 | File storage (photos, reports) |
| Route 53 | DNS management |
| ACM | SSL certificates |
Network Requirements
Section titled “Network Requirements”| Port | Protocol | Purpose |
|---|---|---|
| 22 | TCP | SSH access (restricted) |
| 80 | TCP | HTTP (redirects to HTTPS) |
| 443 | TCP | HTTPS |
| 5432 | TCP | PostgreSQL (internal only) |
Software Dependencies
Section titled “Software Dependencies”Backend (NestJS)
Section titled “Backend (NestJS)”Core Framework:
- NestJS 11.x
- TypeScript 5.x
- TypeORM 0.3.x
Key Dependencies:
| Package | Version | Purpose |
|---|---|---|
@nestjs/passport | 11.x | Authentication |
@nestjs/jwt | 11.x | JWT tokens |
@nestjs/bullmq | 11.x | Job queue |
@casl/ability | 6.x | Authorization (RBAC) |
@aws-sdk/client-s3 | 3.x | S3 file uploads |
typeorm | 0.3.x | Database ORM |
pg | 8.x | PostgreSQL driver |
nodemailer | 7.x | Email sending |
twilio | 5.x | SMS/OTP |
Web Frontend (Next.js)
Section titled “Web Frontend (Next.js)”Core Framework:
- Next.js 15.x (App Router)
- React 18.x
- TypeScript 5.x
Key Dependencies:
| Package | Version | Purpose |
|---|---|---|
jotai | 2.x | State management |
axios | 1.x | HTTP client |
leaflet | 1.9.x | Maps |
react-leaflet | 4.x | React map components |
recharts | 2.x | Charts/visualization |
tailwindcss | 3.x | Styling |
posthog-js | 1.x | Analytics |
Mobile (Flutter)
Section titled “Mobile (Flutter)”Core Framework:
- Flutter ≥3.16.0
- Dart ^3.5.4
Key Dependencies:
| Package | Version | Purpose |
|---|---|---|
flutter_bloc | 8.x | State management |
flutter_hooks | 0.20.x | Hooks for widgets |
fquery | 1.5.x | Data fetching/caching |
hive | 2.x | Local database |
dio | 5.x | HTTP client |
go_router | 14.x | Navigation |
geolocator | 13.x | GPS location |
mobile_scanner | 6.x | QR/barcode scanning |
sentry_flutter | 9.x | Error tracking |
posthog_flutter | 5.x | Analytics |
Database Schema
Section titled “Database Schema”Core Entities
Section titled “Core Entities”| Table | Description | Key Relations |
|---|---|---|
users | User accounts | → teams, roles |
projects | Surveillance projects | → teams, sites, diseases |
teams | Team organization | → users, projects |
roles | Permission definitions | → users (via user_roles) |
sites | Collection locations | → projects, visits (PostGIS geometry) |
visits | Site visit records | → sites, samples, users |
samples | Sample records | → visits, lab_tests, diseases |
lab_tests | Test results | → samples, diseases |
diseases | Disease definitions | → projects, samples |
sample_types | Sample type catalog | → samples |
media | Uploaded files | → S3 references |
Required Extensions
Section titled “Required Extensions”CREATE EXTENSION IF NOT EXISTS postgis;CREATE EXTENSION IF NOT EXISTS postgis_topology;CREATE EXTENSION IF NOT EXISTS "uuid-ossp";API Specifications
Section titled “API Specifications”Authentication
Section titled “Authentication”- Method: JWT Bearer tokens
- Token Expiry: 24 hours (configurable)
- OTP Delivery: SMS via Twilio or email via SMTP
API Documentation
Section titled “API Documentation”- Format: OpenAPI 3.0 (Swagger)
- Endpoint:
/api/docs(development/staging) - Generated Client:
es_clientpackage for mobile
Rate Limiting
Section titled “Rate Limiting”| Endpoint | Limit | Window |
|---|---|---|
| Auth endpoints | 10 requests | 15 minutes |
| API endpoints | 100 requests | 15 minutes |
| File uploads | 20 requests | 15 minutes |
Security Requirements
Section titled “Security Requirements”Authentication
Section titled “Authentication”- OTP-based login (SMS/email)
- JWT tokens with RS256 or HS256
- Secure httpOnly cookies for web sessions
- Token refresh mechanism
Authorization
Section titled “Authorization”- Role-based access control (CASL)
- Scope hierarchy: System → Project → Team
- Policy-based guards on all endpoints
Data Protection
Section titled “Data Protection”- HTTPS/TLS 1.2+ required
- Database encryption at rest (RDS)
- S3 bucket encryption (SSE-S3)
- Sensitive data masked in logs
Compliance
Section titled “Compliance”- Audit logging for all data changes
- User attribution on all operations
- Data retention policies configurable
Performance Specifications
Section titled “Performance Specifications”Response Times (P95)
Section titled “Response Times (P95)”| Operation | Target |
|---|---|
| API read operations | < 200ms |
| API write operations | < 500ms |
| File uploads (< 5MB) | < 3s |
| Dashboard load | < 2s |
Scalability
Section titled “Scalability”| Metric | Capacity |
|---|---|
| Concurrent users | 500+ |
| Samples per project | 100,000+ |
| Daily API requests | 100,000+ |
| Storage (media) | Unlimited (S3) |
Offline Capability
Section titled “Offline Capability”- Mobile app supports full offline operation
- Local Hive database for data persistence
- Automatic sync on connectivity restore
- Photo compression (1MB max, 1920px)
Monitoring & Observability
Section titled “Monitoring & Observability”Error Tracking
Section titled “Error Tracking”- Service: Sentry
- Coverage: Backend, web, mobile
- Alerts: Critical errors trigger notifications
Analytics
Section titled “Analytics”- Service: PostHog
- Events: User actions, feature usage
- Privacy: Configurable data collection
Health Checks
Section titled “Health Checks”| Endpoint | Purpose |
|---|---|
/health | Backend liveness |
/api/docs | API availability |
APK server /health | Distribution service |
Logging
Section titled “Logging”- Structured JSON logs (production)
- Log levels: error, warn, info, debug
- Retention: 30 days (configurable)
Environment Variables
Section titled “Environment Variables”See Environment Variables Reference for the complete list of configuration options.
Required Variables
Section titled “Required Variables”# DatabaseDB_HOST, DB_PORT, DB_USERNAME, DB_PASSWORD, DB_DATABASE
# RedisREDIS_HOST, REDIS_PORT
# SecurityJWT_SECRET
# AWS S3S3_REGION, S3_BUCKET, S3_ACCESSKEYID, S3_SECRETACCESSKEY
# FrontendNEXT_PUBLIC_API_URL, NEXT_PUBLIC_APP_ENVDeployment Profiles
Section titled “Deployment Profiles”Docker Compose supports multiple deployment profiles:
| Profile | Services | Use Case |
|---|---|---|
development | All + pgAdmin + local Postgres | Local development |
demo | All + local Postgres | Demo environments |
staging | Backend, frontend, APK, Redis | Staging (external DB) |
production | Backend, frontend, APK, Redis | Production (external DB) |
# Developmentdocker compose --profile development up -d
# Productiondocker compose --profile production up -dVersion Compatibility Matrix
Section titled “Version Compatibility Matrix”| Component | Current Version | Minimum Supported |
|---|---|---|
| Backend API | 0.1.0 | 0.1.0 |
| Web Frontend | 0.1.0 | 0.1.0 |
| Mobile App | 0.2.0-beta4 | 0.2.0-beta1 |
| Database Schema | Migration-based | Latest migration |
Document generated from production branch. Last updated: March 2026.