October 2024 Devlog

Hi all! Welcome to the October 2024 Devlog for LegisLink. I intend to move forward with a monthly cadence for blogs relating to to the app. October has been a transformative month for the app, with several major changes to the infrastructure so I can inch ever closer to getting user testing.

Moving Away from Auth0: Building Custom Authentication

One of the biggest changes this month was moving away from Auth0. I decided to do this after having a number of difficulties with their customization options. Additionally, the boilerplate code I had been using was very inflexible and I wanted to start from scratch. I wanted something lighter and that would allow me to handle the user registration and logging-in processes from within my app. By removing Auth0 from the project entirely, I was able to build a more personalized authentication flow from the ground up in Swift. After some research, I decided to make the switch to Firebase, but not just Firebase Authentication.

Using Cloud Firestore

One of the most important updates this month was implementing a database using Firebase Cloud Firestore. This change will be a crucial foundation for creating a reliable backend to manage user data, ensuring that login and registration functionalities are fully supported. Firestore is a NoSQL, cloud-hosted database that is flexible and scalable, making it the perfect solution for the app’s growing needs. It allows for real-time syncing and seamless data retrieval, which means users can access their account data quickly and securely. Thus far, this is the first time I’ve stored user data properly in a database and I am really excited to see how Firestore performs going forward.

Organizing the Login Flow with a LoginViewModel

Another significant improvement was reorganizing the login components into a LoginViewModel. Initially, the authentication system relied heavily on the boilerplate code provided by Auth0, which was functional but not as clean or intuitive as I wanted. By breaking out the login logic into its own view model, I’ve managed to keep the code far more organized and modular, making future updates and maintenance easier to handle.

The new system is designed around simplicity and readability. Now that Firebase Authentication is fully integrated, I’m able to keep the authentication flow lean, with minimal overhead or unnecessary features. This design choice enhances both the developer experience and the user experience, providing a streamlined login process that’s quick to load and easy to understand. With the LoginViewModel in place, the codebase is much easier to maintain, and the login experience feels polished and professional.

Migration from AWS After a Security Incident

After a security incident compromised my AWS account, I made the difficult decision to migrate away from AWS. This experience highlighted the importance of robust security practices and prompted me to reassess my infrastructure needs. Rather than rebuilding in AWS, I turned to Firebase as an alternative, primarily due to its simplicity, strong security features, and ability to handle authentication, storage, and database management under one roof.

Going Private: Repository Changes

In the wake of the AWS security breach, I took additional steps to protect the integrity of the app by making the GitHub repository private. Keeping the repository public was no longer feasible given the sensitivity of some of the code and the project’s growing complexity. By making the repository private, I have reduced the risk of exposing sensitive information or potential vulnerabilities.

This move toward a private repository also reflects a broader focus on security and control within the development process. With a private repository, I can better manage who has access to the codebase, ensuring that only those actively contributing to the project have the necessary permissions. This change has made me more confident in the app’s development pipeline, as it’s now safeguarded against unnecessary exposure.

Integrating Firebase for Storing Congressional Data

This month, I’ve focused on integrating Firebase Storage to store the files relating to Congress , which is sourced from the OpenStates public repository. Previously, the 500-and-some-change files responsible for storing data on congressional officials were stored in an AWS S3 bucket. However, when I moved away from AWS this was no longer an option.

After realizing Firebase Storage was could be used for this purpose, I decided to use that services to store these YAML files. As a reminder, these YAML files contain vital information about congressional representatives, allowing users to easily access up-to-date political data about their elected officials within the app.

By leveraging the Firebase iOS SDK, I’ve implemented a solution where these YAML files are able to be downloaded and serialized into Swift objects, just as they had been when I was using the S3 bucket. Firebase Storage offers the scalability and security needed to handle these files efficiently, making it easy to store and retrieve the data on demand.

Automating OpenStates Data Sync with GitHub Actions

A big part of this month’s development was also updating the way I manage updates to external data. Since the app relies on data from the OpenStates repository, I needed a way to keep the data regarding elected officials in-sync with the files I am storing in Firebase Storage. When I was using an S3 bucket, I had implemented a GitHub Actions workflow to sync the bucket with whatever the action’s runner had cloned from the main branch of the repo. This was really just a bash script with a command that could sync a local directory with a bucket in AWS, which was incredibly handy. However, now that I have migrated away from using an S3 bucket, I ended up re-writing this action to be largely in JavaScript. One file for cloning the repository to the runner, and the other file for uploading the files to Firebase.

Conclusion

This month’s updates have laid the foundation for even greater improvements to the app in the future. With a Firebase Storage integration in progress and custom authentication in place, I’m excited about the possibilities for enhancing both the user experience and the underlying infrastructure.

As we head into November, I’ll be concentrating on expanding the app’s user interaction, and getting the app to a place where I can have a small handful of folks begin testing the app.

Also, do not forget to vote!

---

AI Disclosure

For the sake of transparency - I am disclosing that I did use ChatGPT to help me write some of this blog. I used it to create rough drafts of some portions of the blog and to help me create an outline. The vast majority of the work for this blog is still created by me, as are all images used besides the header. I am hoping that by using AI to help me write these blogs, I will be able to publish them more regularly.