Architecture and technologies of an instant chat app in flutter - api

I want to build an instant chat app with flutter without any third party services.
I've been working in a simple app using a restful laravel api for login, multiple methods and logout, using token authentication for each request. However, I find that architecture not suitable for a modern instant chat. I discovered WebSockets, which sound great, but can't yet grasp how I could subscribe to and consume one from flutter. I´ve read about web channels, but I'm not sure how they handle authentication for users. Is it possible to handshake and establish a session from my app? If so, how?
Or, can it be done totally restful? How could I post messages and listen other user's messages in that case?
Besides the chat functionality, is it recommended to work restfully? Or is flutter able to mantain a solid, authenticated session? I'm kinda new in flutter.
I appreciate any info, link or recommendation. Please, refrain if you were going to mention firebase, I want to build my own backend. Thanks!!

You should check out MQTT, an IOT protocol which is currently used for chat applications very widely.
To know about MQTT, see this.
But first I will recommend you to understand Pub-Sub(Publisher-Subscriber) Model, if you understand it then that's great.
For pub-sub model, see this.
Or, can it be done totally restful? How could I post messages and listen other user's messages in that case?
Yes, it can be done totally restful but honestly it's not recommended. You should do it with websockets.
Besides the chat functionality, is it recommended to work restfully? Or is flutter able to maintain a solid, authenticated session? I'm kinda new in flutter.
Depends on your architectural choice. There are many good options on which architecture you want to choose. Apart from restful there is GraphQL also, if you are comfortable with it. Apart from chat functionality mostly you will see people using RESTful but people who know GraphQL, might also use that instead of RESTful.

Related

How to setup authentication service from scratch?

I am planning to build this side project that helps me learn better about backend development, authentication and socket programming etc.
The idea is to build a chat application where users are mapped based on their interests and they can then talk about that topic.
To maintain the authenticity of the user I thought of adding an Authentication (Basically Phone Auth) Service. Even though there are various prebuilt services like Twilio, Firebase etc. I really want to learn the core of how they were built so that I could build that service on my own based on My Needs.
Thanks in advance

Best method if Odoo and mobile app communication

We wanted to create a mobile app using flutter, I searched on how to connect odoo with external platforms or apps , I found there are two solutions:
The most common and standard one is to use the xmlrpc communication protocol, we did found some libraries with that name in flutter , but the problem with this is that it's a bit complicated for flutter devs that does not know how the Odoo architecture works.
The least common method is the endpoints or controllers method, basically you create endpoints in your controllers and just call it through http request from the mobile side, the problem with this method is that it's not standard and I did not see much people talk about it, I also heard that this method is for the web instead of mobile apps since the session_id of the identification is returned in the Cookies.
My question is the following, is the endpoint method good enough for mobile app? If no, are their any alternative of xmlrpc?
You can connect odoo with the flutter app using simple RESTful API requests, there are many packages in pub.dev which can help you

want to understand whatsapp work flow and architecture

I have some questions like how whatsapp server is working, though I read in internet, I want to understand much. And what is XMPP? how it is working, How can I send data through XMPP. how can I integrate XMPP with application, can anyone pls explain?
WhatsApp under the hood?
There are rumors WhatsApp uses a customized version of XMPP. Sources are closed so we can only guess.
Understanding XMPP will however give you all the tools to create your own WhatsApp clone.
What is XMPP?
According to Wikipedia (which hosts further references):
Extensible Messaging and Presence Protocol (XMPP) is a communications protocol for message-oriented middleware based on XML (Extensible Markup Language).
Which is to say that XMPP is an xml based convention for exchanging messages between parties. It's best known implementation is Ejabberd chat server.
XMPP can however be used for other things, among them the web of things.
How to send messages?
Assuming you want to create a chat application, you will need:
An Ejjaberd server up and running.
An appropriate xmpp SDK for you language/framework. Example: Smack for Java or agsXMPP for C#.
A good kick-starting tutorial about how xmpp works can he found here: part one and part two.
There is also the RFC which contains the most comprehensive documentation out there.

Cookie-based authentication and web API

I'm architecting a public web API for my service. It will be equally consumed by web pages and native mobile apps (iOS, Android and Windows 8).
Should I use cookie-based authentication? I mean, is this the best practice for this scenario?
Futher Info:
After a little research in the authentication/authorization/openId-connect field i realized that most of everything is handled by the browser, by that i mean, the redirects, coockie insertion and related "boiler-plate" stuff... when i think about all that boiler-plate that i will have to duplicate in my natives apps, i wonder if that model is the best for mobile apps. i mean, maybe theres another more mobile-native-friendly way...
Ps: i know that this is a little generic still, it's just that i'm a begginer in the field of security and i dont know how to properly express my doubts/concerns/"laziness" still...
The API itself should really be stateless, and not manage any sessions. Each request to an API should be made with the authentication details (e.g. OAuth token).
If the Web pages and mobile applications need to maintain some kind of session, then it should be up to them as clients of the service to maintain that state. For instance, a Web page might set a session cookie for the user, but a native mobile app might want a completely different approach.
See also: If REST applications are supposed to be stateless, how do you manage sessions?

Best Way to Stream GMail API

I'm building a web application using GMails IMAP API. What would be the best way for me to make the updates "real-time"?
As of right now I'm using a Ruby Sinatra backend and backbone.js on the frontend. I'm looking for a way to make the communication between my frontend, my server, and the gmail api to be as fast and seamless as possible.
Thanks for the help
Edit: what I mean is what is the best way to make it seem real time. I realize gmail does not support web sockets. But what would be a good way of setting up my server and front end to make the data transaction as frictionless as possible.
I do not think this is possible. HTTP does not work this way. You would need WebSocket for this, but Gmail API does not support WebSocket.
You can either update info often (but you will run into google api request number limits).
Or update info when user needs it (that needs careful planning).