AN INDUSTRY INTERNSHIP REPORT

ON

BACKEND APP DEVELOPMENT

REPORT SUBMITTED IN PARTIAL FULLFILLMENT OF THE

REQUIREMENTS FOR THE DEGREE OF
BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING
BY
PRITHVISH SHAUNKANI
(Roll No.: UI19CO41)
GUIDED BY:
Dr. Reema Patel

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

MARCH, 2023

INDIAN INSTITUTE OF INFORMATION TECHNOLOGY (IIIT)

KAMREJ – 394190
Indian Institute of Information Technology Surat
COMPUTER SCIENCE AND ENGINEERING
DEPARTMENT

CERTIFICATE

This is to certify that candidate Prithvish Shaunkani bearing Roll No: UI19CO41 of
B.TECH. IV, 8th Semester has successfully carried out the work on “BACKEND APP
DEVELOPMENT” for the partial fulfillment of the degree of Bachelor of Technology
(B.Tech.) in March, 2023.

Faculty Supervisor: Name: Dr. Reema Patel Sign: __________

Examiner 1 Name: ___________________________ Sign: ____________

Examiner 2 Name: ___________________________ Sign: ____________
Examiner 3 Name: ___________________________ Sign: ____________

(Seal of the Institute)

I
Declaration
This is to certify that

(i) This report comprises my original work towards the degree of Bachelor of
Technology in Computer Science and Engineering at IIIT, SURAT and has not been
submitted elsewhere for a degree,

(ii) due acknowledgement has been made in the text to all other material used.

Signature of Student

Prithvish Shaunkani

UI19CO41

II
Acknowledgement

I would like to express my sincere gratitude to all those who have made this industrial
internship experience possible and meaningful. Firstly, I would like to thank the
management of Glory Autotech LLP for providing me with this opportunity to gain
practical knowledge and experience in the field of computer science. I am grateful to
my mentor, Mr. Harshit Kyal, who has been a constant source of guidance and support
throughout the internship. I have learned a great deal from his expertise and experience,
and his feedback and encouragement have been instrumental in my growth during the
internship. I am also grateful to Mr. Nikhil Jivankar and Mr. Hardik Tandel for their
patience and willingness to share their knowledge and expertise with me. I extend my
heartfelt thanks to my college, Indian Institute of Information Technology, Surat, The
Director of the Institute and my faculty supervisor, Dr. Reema Patel, for providing me
with a solid foundation of computer science, which I was able to apply and expand
upon during this internship. Lastly, I would like to express my gratitude to my family
and friends for their constant support and encouragement throughout this journey.
Thank you all for contributing to my growth and development during this industrial
internship experience.

III
Abstract

This report provides a comprehensive account of my industrial internship experience in

the computer science field. The internship has lasted for a period of three months,
during which I was exposed to various aspects of the field. The report begins by
introducing the organization where the internship is taking place and providing an
overview of the organization’s activities. I am primarily involved in software
development projects, which include writing code for web and mobile applications. I
have used a variety of programming languages like JavaScript and Python, as well as
frameworks like Loopback.js. It describes my role in the development process, from
requirements gathering to testing and deployment. In addition to software development,
I have also worked on database management tasks, such as designing and optimizing
database schemas and querying data using MQL. I have also gained experience in
system administration tasks, such as configuring servers and managing networks. It
also highlights the technical skills I acquired during the internship, such as software
engineering best practices, version control using Git, and agile project management
methodologies. I also learned about various tools and technologies used in the industry,
such as Docker, and cloud computing platforms like AWS and Azure.

IV
Index
Institute Certificate I
Declaration II
Acknowledgement III
Abstract IV
Index V
List of Figures VI
List of Principal symbols and Acronyms VII
1. Introduction 1
1.1 Glory Autotech LLP
1.2 Summary of Work Done
1.3 Study of existing solutions

2. Tools and Technologies 3

2.1 Tools
2.2 Technology

3. Proposed System 6
3.1. User Authentication System
3.2. Technology

4. Design 9
4.1. User Application Design
4.2. Chat Application Design:

5. Implementation 14
5.1. User Authentication Microservice
5.2. Chat Application Microservice
5.3. S3 Migration

6. Experimental Results 25
6.1. User Authentication
6.2. Chat Application

7. Conclusion and Future Work 28

7.1. Conclusion
7.2. Future Work

References 30

V
List of Figures

Figure Number Figure Description Page

Fig 4.1.1 Google OAuth2 token flow 9
Fig 4.1.2 Local token flow(Email and Phone Number) 10
Fig 4.1.3 Accessing a protected resource using local token 11
Fig 4.2.1 Data flow of One-to-One Message delivery 12
Fig 4.2.2 Data flow of Group Message delivery 13
Fig 4.2.3 History catch up of a user when he comes online 13
Fig 5.1.1.1 Creating authentication application on GCP 15
Fig 5.1.1.2 Accessing Credentials from APIs and Services 15
Fig 5.1.1.3 Creating new OAuth credentials for our app 16
Fig 5.1.1.4 Configuring the credentials of our web application 16
Fig 5.1.1.5 Google OAuth app credentials 17
Fig 5.1.1.6 Google Authentication Strategy 17
Fig 5.1.1.7 Authenticate google profile with required scopes and return callback 18
Fig 5.1.1.8 JWT Encryption and Decryption 19
Fig 5.1.1.9 Generating JWT 19
Fig 5.1.1.10 Verifying JWT and authenticating user 20
Fig 5.1.1.11 Sending OTP to a Phone Number 21
Fig 5.1.1.12 Verifying OTP of a Phone Number 21
Fig 5.3.1 Uploading file to S3 23
Fig 5.3.2 Downloading file from S3 24
Fig 5.3.3 Downloading file from S3 synchronously for processing 24
Fig 6.1.1 Front end page for Authentication 25
Fig 6.1.2 Front end page for Email Registration 25
Fig 6.1.3 Front end page for Phone OTP Verification 26
Fig 6.1.4 Front end page for Google OAuth Login 26
Fig 6.1.5 Front end page for Facebook OAuth Login 27
Fig 6.2.1 List of API endpoints for developers 27

VI
List of Principal Symbols and Acronyms

 ACK: Acknowledgement
 AWS: Amazon Web Services
 ES: EcmaScript
 GCP: Google Cloud Platform
 IoT: Internet of Things
 JWT: JSON Web Token
 LLP: Limited Liability Partnership
 NPM: Node Package Manager
 OAuth: Open Authorization
 OTP: One Time Password
 QA: Quality Assurance

VII
VIII
Chapter 1
Introduction

1.1 Glory Autotech LLP

Glory Autotech LLP is a software services company, operating in Surat, that focuses in
giving clients in a variety of industries access to cutting-edge software solutions. The
team consists of highly skilled software developers, UI designers and software testing
engineers who are committed to delivering innovative, custom-built software solutions
that meet the unique needs of our clients. The company provides a range of software
services including application development, testing, maintenance and support using
different industry standard methodologies such as agile and waterfall, to ensure that our
clients receive high-quality, cost-effective solutions that are delivered on time and
within budget. Whether it's developing a new software application, optimizing an
existing system, or migrating to the cloud, the company delivers solutions that drive
innovation and growth. The company also offers its employees ongoing training and
development opportunities throughout the organization, so they can stay up-to-date
with the latest skills and knowledge. [1]

1.2 Summary of Work

During my time as an intern at Glory Autotech, I had the chance to work on some
really interesting projects. I worked closely with the development team to design and
develop new software features, as well as troubleshoot and fix bugs in existing
deployed software. Also, I worked with the QA tester to test new software releases and
ensure that they met the company's high standards for quality.

1
Throughout the internship, I have been exposed to a variety of backend frameworks
and got to work on several different projects:

 User Authentication System

 Chat Application System
 Database Migration of Files

1.3 Study of existing solutions

1.3.1 Chat Application

The list of competitors include various services like LiveChat, InterCom and Zendesk.
They provide chat capabilities that can be integrated into business, but the problem is
that it uses already existing services like WhatsApp messaging and Slack messaging to
integrate as the backend. Another problem is that many of these services do not provide
Live messaging features and message statuses like Read and Delivered messages.

1.3.2 User Authorization Application

The list of competitors include various services like Okta and Auth0 cloud services.
They provide Identity platforms that can be integrated into business, but the problem is
that most small businesses do not have such complex requirements of Identity
management and hence, do not need to spend a very large sum for unused services.

2
Chapter 2
Tools and Technologies

2.1 Tools
Here are some tools and platforms that have been commonly used by me for
development:

 Visual Studio Code: A widely-used code editor that supports JavaScript and
Node.js, with features like debugging, syntax highlighting, code completion,
and version control. [2]
 ESLint: A tool that helps developers find and fix errors and potential issues in
their JavaScript code, by performing static code analysis. [3]
 Babel: A JavaScript transpiler that can convert modern ECMAScript syntax
into older syntax, making it more widely-supported across different browsers.
[4]
 Amazon Web Services: A cloud computing platform offered by Amazon,
which provides a variety of services such as compute, storage, networking,
databases, machine learning, serverless computing, and IoT tools. [5]
 Microsoft Azure: A cloud computing platform provided by Microsoft, offering
similar services as AWS, as well as additional tools for artificial intelligence,
data analytics, and DevOps. [6]
 Google Cloud Platform: GCP is a cloud computing platform provided by
Google. It provides compute, storage, networking, and databases services, as
well as tools for machine learning, data analytics, and IoT. [7]
 NumPy: NumPy is a Python library for scientific computing. It provides
support for large, multi-dimensional arrays and matrices, as well as a wide
range of mathematical operations. [8]
 MongoDB Compass: MongoDB Compass is a graphical user interface (GUI)
for MongoDB, a popular NoSQL database management system. It provides a
user-friendly interface for developers and database administrators to interact
3
with MongoDB, allowing them to easily view, query, and modify data in the
database. [9]
 Postman: Postman is a popular collaboration platform for API development. It
is a GUI-based application that allows developers to design, test, and document
APIs easily and efficiently. [10]

2.2 Technology

 Loopback.js: Loopback is a popular open-source Node.js framework for

building APIs and microservices. It offers a set of tools that help developers
quickly create scalable APIs. One of its main features is its ability to auto-
generate API endpoints from a data source, such as a database or REST API.
This can save a lot of time and effort, and conforms that APIs remain consistent
across various data sources. Loopback also has a built-in user authentication
and authorization system, which helps developers to add secure authentication
and provide better access control to the APIs without much hassle. It provides
multiple authentication mechanisms, like OAuth2, JWT and social login like
Google and Facebook. [11]
 Node.js: Node.js uses an event-driven, non-blocking I/O model that makes it
highly efficient and scalable. One of the main benefits of Node.js is its ability to
handle large amounts of data and connections simultaneously. This makes it
well-suited for building real-time applications, such as chat applications,
gaming platforms, and streaming services. [12]
 NPM: NPM is a handy tool for Node.js developers, simplifying the process of
installing and managing packages for their projects, as well as sharing their own
packages with others. Its extensive open-source library of packages is often
used to accelerate backend application development. [12]
 Yarn: Similar to NPM, but it has a caching mechanism that speeds up
installation time and ensures consistency across different machines.
 Mongoose Aggregation Framework: The aggregation framework provides a
powerful and flexible way for developers to manipulate data in MongoDB
collections. By using a simple API, developers can perform complex data

4
aggregation tasks like grouping, filtering, and sorting with ease. It supports a
wide range of operators and stages, such as $match, $group, $lookup,
$graphLookUp(for recursive lookups) and $sort, which make it easy to
transform and analyze data. It creates a pipeline which can be directly called
from our application, hence, saving us from multiple database calls. [9]
 Amazon S3: Amazon S3 is a cloud-based storage service that lets you store and
retrieve large amounts of data like documents, images, videos and backups
easily. It's cost-effective and you only pay for what you use. S3 also offers
features like access control, versioning, and encryption to help manage and
secure data as per the needs. [5]

5
Chapter 3
Proposed System

3.1 User Authentication Application

3.1.1 Objective

The main objective of an authentication application is to provide unique identity to

every user accessing the application. For this, we can use many social providers with
OAuth 2.0 like Google, Facebook and Twitter. Also, we can use emails and phone
numbers since they are unique as well and can be linked only to 1 identity.

3.1.2 Assumption and Dependencies

The assumptions to be taken for the application are:

 The communication channels used by the user, such as the internet or network,
are secure and protected from unauthorized access or interception.
 The user authentication application has access to a secure database or directory
service that stores user credentials and related data.

The dependencies to be taken for the application are:

 The application depends on working and uptick of third-party services, such as

identity providers, to authenticate users or manage user credentials.
 The application may depend on third-party services, such as identity providers,
to authenticate users or manage user credentials.

6
3.1.3 Specific Requirements
 User requires his/her credentials
 User requires access to a device which connects to internet
 User also requires modern browser to send request and persist his credentials

3.1.4 Advantages offered by the System

The major advantages provided by the system are:

 Customizability : It allows for the business to use only services required by

them. For instance, they could only use email authentication and discard any
other form of authentication.
 Scalability : It can handle large number of users and provide a consistent
experience because of good horizontal scaling and fast queries provided by
MongoDB.
 Integration : It can easily integrate with any other existing application and
system, allowing users to use their former credentials across multiple platforms
and also reducing development time for creating identities.

3.2 Chat Application

3.2.1 Objective

The main objective of a chat application is to provide an efficient communication

platform that meets specific needs of an organization to support their goals. It should
provide fast and reliable communication and also allow seamless switching of devices
like from desktop to a phone. It should provide different customizations like changing
bios, profile pictures, settings and notifications. People should also be able to
collaboratively send messages and they should be able to retrieve the read receipts of
every message they send.

7
3.2.2 Assumption and Dependencies

The assumptions to be taken for the application are:

 The communication channels used by the user, such as the internet or network,
are secure and protected from unauthorized access or interception.
 Users have compatible devices that meet the minimum requirements for the chat
application, such as sufficient processing power, memory, and storage.

The dependencies to be taken for the application are:

 The application depends on servers and cloud infrastructure to store and

transmit messages between users.
 The application depends on other software or libraries, such as encryption or
compression algorithms, to provide security and efficiency

3.2.3 Specific Requirements

 User requires access to a device which connects to internet
 User also requires modern device to send request and get a better experience

3.2.4 Advantages offered by the System

The major advantages provided by the system are:

 Scalability : It can handle large number of users and provide a consistent

experience because of good horizontal scaling and fast queries provided by
MongoDB.
 Integration : It can easily integrate with any other existing application and
system, hence, reducing development time for businesses.

8
Chapter 4
Design

4.1 User Authentication Design:

There are mainly 3 workflows that work here:

 OAuth Authorization by Social Login providers: Here, we as an app request

token on behalf of the user from Social providers like Google which we use for
further requests to authenticate the identity of the user.

Fig 4.1.1 Google OAuth2 token flow

9
 Local Authentication by Email and Phone Number: Here, we as a backend
application act as the one who creates and provides the token to the frontend
once a users provides correct credentials. User, with the help of frontend, sends
request for authorization access code with their credentials. The backend server
verifies it with help of secure hashed database and sends the token to front end
which then authenticates the user

Fig 4.1.2 Local token flow(Email and Phone Number) [18]

10
 Working of microservice with token: The following diagram demonstrates
how the authentication microservice reacts with the main application to access
protected resources and routes of API developed by the business. We generate
JWT of a user using their credentials and with help of a secret key which is only
known to us and kept a secret. Front end then uses this token and sends this in
header of the request as Bearer Token which helps the backend to validate the
identity of the user who requested the resources.

Fig 4.1.3 Accessing a protected resource using local token [18]

11
4.2 Chat Application Design:

 The following diagram depicts the data flow of the message in a one-to-one
communication where User A wants to send a message to User B. It depicts a
stateful connection which is maintained with help of a database which records
every message sent and can be used in history catchup when the user comes
online.

Fig 4.2.1 Data flow of One-to-One Message delivery [17]

 The following diagram depicts the data flow of the message in a group
communication where User A wants to send a message in a group of 3 people
having A, B and C. It depicts a stateful connection which is maintained with
help of a database which records every message sent and can be used in history
catchup when the user comes online.

12
Fig 4.2.2 Data flow of Group Message delivery [17]

 The following diagram depicts how the data catchup works in case a user
receives messages when he/she is offline. The messages have status code
attached to them which signifies the current state which could be: delivered,
received, read or deleted.

Fig 4.2.3 History catch up of a user when he comes online [17]

13
Chapter 5
Implementation

5.1 User Authentication Microservice

A user authentication system is a critical component of any online application or
service. You are responsible for verifying user identities and ensuring that only
authorized users are allowed access into the system. Implementing a robust and secure
authentication system can be a complex and time-consuming process, and it is here that
microservices can bring immense value to the businesses. A user authentication
microservice is a standalone application that exposes a set of APIs to perform user
authentication and authorization functions. It can be seamlessly integrated into web and
mobile applications, allowing developers to focus on building core application
functionality rather than worrying about user authentication details. By offering user
authentication microservice as a service to other organizations, one can save time and
resources by providing an easy solution for authentication needs. Microservices can be
customized to each company's specific needs to ensure that user data is protected and
secure. Overall, it can provide a reliable, scalable, and secure solution for organizations
looking to implement user authentication functionality in their applications.

5.1.1 Authentication Strategies:

The application provides various local and OAuth2 strategies from social providers.
The social providers include Google, Facebook and Twitter. The local strategies used
are Email and Phone Number authentication.

 Technologies and Frameworks used: Node.js, Passport.js, Google Cloud

Platform, Twilio, Sendgrid, Facebook Developers

14
OAuth2:

OAuth2 is a security protocol that applications use to request access to private account
data like a private library, photo gallery, or Google Drive folder. OAuth is commonly
used in social media such as Facebook and Twitter. This allows users to exchange data
with the applications they use without sharing their personal credentials. Simply put, it
is a token that one system uses to connect to another system and exchange information
securely. [13]

Google OAuth2:

 Create an Application:

A new project can be created in the Google Developers Console. Your application will
be issued a client ID and client secret, which need to be provided to the strategy. You
will also need to configure a redirect URI which matches the route in your application.
[14]

Fig 5.1.1.1 Creating authentication application on GCP

Fig 5.1.1.2 Accessing Credentials from APIs and Services

15
Fig 5.1.1.3 Creating new OAuth credentials for our app

Fig 5.1.1.4 Configuring the credentials of our web application

16
Fig 5.1.1.5 Google OAuth app credentials

 Configure Strategy:

The Google authentication strategy authenticates users using a Google account and
OAuth 2.0 tokens. The client ID and secret obtained when creating an application are
supplied as options when creating the strategy. The strategy also requires a verify
callback, which receives the access token and optional refresh token, as well as profile
which contains the authenticated user's Google profile. The verify callback must call cb
providing a user to complete authentication.

Fig 5.1.1.6 Google Authentication Strategy [14]

17
 Authenticate Request:

Fig 5.1.1.7 Authenticate google profile with required scopes and return callback [14]

Email and Phone Authentication:

Phone and email authentication are methods used to verify the identity of a user when
they are trying to access a system or service online. Phone authentication typically
involves sending a verification code to a user`s mobile phone via SMS, which the user
must enter into the system to prove they have access to the phone number associated
with the account. Email authentication, on the other hand, involves sending a
verification link or password to a user`s email address, which they must click or enter
into the system to prove they have access to the email account associated with the
account. These methods are commonly used by online services to add an additional
layer of security to user accounts, preventing unauthorized access and reducing the risk
of fraud or hacking. By requiring users to verify their identity through their phone or
email, online services can ensure that only the rightful account holder is accessing the
account.

Here, after ensuring the correct credentials of a user, we provide them with an access
token which can be used to access protected routes of the enterprise application. This
access token is generally sent into the header of the request with a prefix of Bearer,
generally called Bearer Token. This token is stateless and hence, we do not need to
store it in the database. We use JWT with standard encryption which can only be
decrypted using our JWT_SECRET.

18
Fig 5.1.1.8 JWT Encryption and Decryption [15]

Fig 5.1.1.9 Generating JWT

19
Fig 5.1.1.10 Verifying JWT and authenticating user

20
Fig 5.1.1.11 Sending OTP to a Phone Number [16]

Fig 5.1.1.12 Verifying OTP of a Phone Number [16]

21
5.2 Chat Application Microservice

A chat application microservice is a modular component of a larger application that is

responsible for providing chat functionality. It is designed to operate independently,
with its own API and database, and can be easily integrated with other components of
an application. Developers can create applications that are more flexible and scalable.
In the case of a chat application, using a microservices architecture allows for better
handling of the high volume of messaging traffic, and also allows for easy
customization and extension of the chat functionality. Hence, a chat application
microservice is an essential component of a modern businesses and enables seamless
communication between users.

Below mentioned are the stages and step by step levels we had to
proceed with to create a web application:

 Stage 1 - Learning Low Level Technologies

The low-level technologies include learning the programming

languages and frameworks used. These include JavaScript and
their libraries NodeJS, Express and SocketIO.

 Stage 2 - Understanding the task

The given task needed to be evaluated and the frameworks to

be used had to be considered.

 Stage 3-Preparation of working environment

After the evaluation of the given task, the environment needed to be set up with
the required tools, libraries and access to all the extensions and command line
arguments to implement the task given like npm, yarn and git.

 Stage 4 - Implementation of backend

The task given was based on the backend which was done using JavaScript,
Node JS and Express JS.

22
 Stage 5 - Connection of Database
After the backend is implemented, if there is any form data that needed to be
stored, the application is connected with the database used, i.e., MongoDB in
order to perform further tasks on the data. We used MongoDB Atlas as to
remove the hassle with working on different devices.

 Stage 6 - Testing, bug fixing and integrating codebase

After the task is completed, we need to send it to the testing team for approval
or improvement. If there is a scope of improvement or a bug that needed to be
fixed, we are reverted back the codebase and the bugs were to be fixed. After
the final testing and approval, the task codebase is integrated into the
application by our supervisor.

5.3 S3 Migration

The objective of this project was to shift an already existing backend system
component of local file storage to Amazon S3 storage. Due to a large volume of files
being stored on the server, the server was being crashed. The proposed solution was to
shift the files to S3 and only acquire files required for processing from S3 when they
are requested by the user.

Fig 5.3.1 Uploading file to S3

23
Fig 5.3.2 Downloading file from S3

Fig 5.3.3 Downloading file from S3 synchronously for processing

24
Chapter 6
Experimental Results

6.1 User Authentication

Fig 6.1.1 Front end page for Authentication

Fig 6.1.2 Front end page for Email Registration

25
Fig 6.1.3 Front end page for Phone OTP Verification

Fig 6.1.4 Front end page for Google OAuth Login

26
Fig 6.1.5 Front end page for Facebook OAuth Login

6.2 Chat Application

Fig 6.2.1 List of API endpoints for developers

27
Chapter 7
Conclusion and Future Scope

7.1 Conclusion:

User Authentication Application

The application provides an efficient and easy way to manage user identities, ensuring
that only authorized users can access sensitive information or perform certain actions.
Developers can reduce the risk of security breaches, protect user data, and maintain
regulatory compliance. Also, it offers scalability and flexibility to integrate without any
OS dependence. As a result, it is essential to design and implement user authentication
microservices with robust security.

Chat Application

The application allows for the creation of a scalable and reliable chat system that can be
easily integrated with other microservices or external applications. Developers can
implement a variety of features of their choice like blocking people or getting read
receipts and provide a seamless experience.

7.2 Future Work:

User Authentication Application

 We can provide many other social providers.

 Also, we can add 2-factor authentication for certain applications.
 We can also provide refresh tokens instead of just sending access tokens to make
the system more secure.

28
Chat Application

 We can add notification service to make system more fault tolerant.

 We can also make sockets more secure and reliable using cloud services
 Add caching mechanisms for faster delivery of heavy payloads

29
References
1. Glory autotech, Glory Autotech. Available at: https://gloryautotech.com/
2. Microsoft (2021) Visual studio code - code editing. redefined, RSS. Microsoft.
Available at: https://code.visualstudio.com/
3. Michaël De Boey 21 Mar et al. (1970) Find and fix problems in your JavaScript
code - eslint - pluggable JavaScript linter, ESLint. Available at: https://eslint.org/
4. Babel · babel Babel. Available at: https://babeljs.io/
5. Cloud computing services - amazon web services (AWS) Available at:
https://aws.amazon.com/
6. Cloud computing services: Microsoft Azure Cloud Computing Services | Microsoft
Azure. Available at: https://azure.microsoft.com/en-us/
7. Google. Google Cloud Platform. Available at: https://cloud.google.com/
8. NumPy documentation# NumPy documentation - NumPy v1.24 Manual. Available
at: https://numpy.org/doc/stable/
9. MongoDB. Available at: https://www.mongodb.com/developer/products/atlas/
10. Postman. Available at: https://www.postman.com/postman/
11. LoopBack 4 | LoopBack Documentation. Available at:
https://loopback.io/doc/en/lb4/
12. Node.js. Available at: https://nodejs.org/
13. Using OAuth 2.0 to access Google apis | authorization | google developers
Google. Google. Available at:
https://developers.google.com/identity/protocols/oauth2
14. Documentation Passport.js. Available at: https://www.passportjs.org/docs/
15. Jwt.io, JSON Web Tokens. Available at: https://jwt.io/
16. Twilio docs: API reference, tutorials, and Integration | Twilio. Available at:
https://www.twilio.com/docs
17. Zhang, Z. (2021) Ace the system interview- Design a chat application, Medium.
Towards Data Science. Available at: https://towardsdatascience.com/ace-the-
system-interview-design-a-chat-application-3f34fd5b85d0
18. Vladimir (2022) The ultimate guide to handling jwts on frontend clients (graphql),
Hasura GraphQL Engine Blog. Hasura GraphQL Engine Blog. Available at:
https://hasura.io/blog/best-practices-of-using-jwt-with-graphql/

30