NodeServer - Feature Inventory¶

Table of Contents¶

1. Overview
2. Core Features
3. Feature Completeness Matrix
4. Feature Dependencies
5. Platform-Specific Features
6. Known Limitations
7. Missing Features
8. Feature Roadmap

Overview¶

The NodeServer provides real-time communication infrastructure for the Psyter platform and associated systems. It serves as the central signaling hub for:

• 3 Mobile Platforms: Android Client, Android Care Provider, iOS Care Provider
• 1 Web Platform: Psyter Web Portal
• 12 Tenant Systems: Psyter, QuranLMS, Assessment Systems, etc.

Total Features: 66 implemented commands
Feature Categories: Authentication (6), Presence (12), Collaboration (18), Messaging (8), Administration (5), File Transfer (3)

Core Features¶

1. Authentication & Authorization¶

Authentication Flow:

Mobile App → Request Verification Code (via API)
    ↓
API → Send SMS/Email with Code
    ↓
Mobile App → Connect WebSocket with communicationKey=CODE
    ↓
NodeServer → Validate Code in Database
    ↓
NodeServer → Send P_AUTHENTICATE response with user data + friend list
    ↓
NodeServer → Broadcast P_SIGNIN to all user's friends

Features:
- ✅ Multiple auth methods
- ✅ Multi-device support (same user, different devices)
- ✅ Automatic friend list retrieval on login
- ✅ Session resumption on reconnect
- ❌ Missing: Token-based auth (JWT)
- ❌ Missing: OAuth integration
- ❌ Missing: Two-factor authentication

2. Presence Management¶

Presence Status Types:

cStatus = {
    OFFLINE: 1,
    ONLINE: 2,
    AWAY: 3,
    DO_NOT_DISTURB: 4,
    INVISIBLE: 5,
    NETWORK_POOR: 6,
    NETWORK_OK: 7
};

Presence Broadcasting:
- User’s status broadcast to all friends in their contact list
- Friend list retrieved from database on login
- Multi-device awareness (user offline only when ALL devices disconnect)
- Network quality indicators (important for video call quality)

Features:
- ✅ Rich status types
- ✅ Friend list management
- ✅ Network quality awareness
- ✅ Bulk status checks
- ❌ Missing: “Last seen” timestamp
- ❌ Missing: “Typing for X minutes” indicator
- ❌ Missing: Custom status messages

3. Real-Time Messaging (Chat)¶

Message Types:

// Stored in database
{
    SenderId: 42,
    RecieverId: 43,
    Text: "Hello",
    FilePath: "/media/chat/image.jpg",
    CatFileTypeId: 1,  // 1=Image, 2=Document, etc.
    CatMessageStatus: 1  // 1=Sent, 2=Delivered, 3=Read
}

Message Flow:

Sender → P_SEND_MESSAGE
    ↓
Server → Store in DB (Message_InsertMessage)
    ↓
Server → Send P_RECIEVE_MESSAGE to recipient (if online)
    ↓
Server → Send FCM notification (if offline)
    ↓
Server → Send P_SEND_MESSAGE response to sender (with message ID)
    ↓
Recipient → P_UPDATE_MESSAGE_STATUS (mark as delivered/read)
    ↓
Server → Broadcast status update to sender

Features:
- ✅ Text messages
- ✅ File attachments (images, documents)
- ✅ Read receipts (Sent/Delivered/Read)
- ✅ Offline message delivery (via FCM)
- ✅ Conversation pagination
- ✅ Message history
- ✅ Typing indicators
- ❌ Missing: Message reactions (emoji)
- ❌ Missing: Message editing
- ❌ Missing: Message deletion
- ❌ Missing: Reply/thread support
- ❌ Missing: Voice messages
- ❌ Missing: End-to-end encryption

4. Video/Audio Collaboration (WebRTC)¶

Collaboration Modes:

cCollaborationMode = {
    AUDIO_ONLY: 1,
    VIDEO_ONLY: 2,
    VIDEO_AUDIO: 3,
    NONE: 4
};

Collaboration Object:

{
    Key: "uuid-1234-5678",  // Unique session ID
    Initiator: { /* User who started call */ },
    ParticipantList: [/* Other users in call */],
    BookingId: 123,  // Optional: linked appointment
    IsScheduled: 1,  // 0=ad-hoc, 1=scheduled
    StartTime: "2025-11-10 12:00:00",
    TimeLimit: 60,  // seconds
    CountdownTimer: setTimeout()  // Auto-end timer
}

WebRTC Flow:

Initiator → C_CREATE_COLLABORATION
    ↓
Server → Generate collaborationKey
    ↓
Server → Send P_ACCEPT_COLLABORATION to participants (FCM if offline)
    ↓
Participants → Connect with connectionMode=2&collaborationKey=...
    ↓
Initiator → C_SDP (offer)
    ↓
Server → Broadcast to Participant
    ↓
Participant → C_SDP (answer)
    ↓
Server → Broadcast to Initiator
    ↓
Both → C_ICECANDIDATE (multiple times)
    ↓
Server → Relay between peers
    ↓
WebRTC Connection Established (peer-to-peer)
    ↓
Initiator → C_END_COLLABORATION
    ↓
Server → Log call duration to DB
    ↓
Server → Broadcast C_END_COLLABORATION to all

Features:
- ✅ 1-to-1 video calls
- ✅ Multi-party calls (1 initiator + N participants)
- ✅ Audio-only mode
- ✅ Video toggle during call
- ✅ Audio mute/unmute
- ✅ Call hold functionality
- ✅ Network quality monitoring
- ✅ Session time limits
- ✅ Auto-timeout enforcement
- ✅ Call duration logging (for billing)
- ✅ Scheduled call support (linked to bookings)
- ✅ Reconnection handling
- ⚠️ Partial: Screen sharing (no start command)
- ❌ Missing: Recording functionality
- ❌ Missing: Call quality statistics
- ❌ Missing: Bandwidth adaptation
- ❌ Missing: Background blur/virtual backgrounds
- ❌ Missing: Group video (>2 participants with mesh/SFU)

Call Duration Tracking:

// Assessment Systems
Mobile_Package_ConsumptionDetail_Update(
    studentId, catPackageDetailId, consumedValue, staffId, 
    startDateTime, endDateTime, isScheduled, bookingId
);

// Psyter
SP_ManageCareProvidersServiceCount(
    User1Id, User2Id, BookingId
);

5. File Transfer¶

File Transfer Status:
- Commands defined but minimal implementation
- No chunking logic in server
- Files currently sent as URLs via P_SEND_MESSAGE with FilePath
- Actual file upload handled by Media API, not NodeServer

Current File Sharing Flow:

Client → Upload file to Media API
    ↓
Media API → Store file, return URL
    ↓
Client → P_SEND_MESSAGE with FilePath=URL
    ↓
Server → Store message in DB
    ↓
Recipient → Receive message with file URL
    ↓
Recipient → Download from Media API

Features:
- ⚠️ File sharing via URLs (complete)
- ❌ Missing: Direct peer-to-peer file transfer
- ❌ Missing: File transfer progress
- ❌ Missing: Large file chunking
- ❌ Missing: File transfer resumption

6. Push Notifications¶

FCM Notification Scenarios:

// 1. Incoming call
topic: 'patient_123~' or 'doctor_456~'
title: 'P_COLLABORATION'
body: { /* Full collaboration data */ }

// 2. Chat message
topic: 'patient_123~'
title: 'John Doe'  // Sender name
body: { /* Message data */ }

// 3. Call rejection
topic: 'doctor_456~'
title: 'C_UNREACHABLE'
body: { /* Rejection reason */ }

Topic Naming:
- Psyter: patient_{PatientId}~, doctor_{ServiceProviderId}~
- Assessment: student_{StudentId}~, staff_{StaffId}~
- Generic: user_{UserId}~

Features:
- ✅ FCM for Android (working)
- ✅ Topic-based routing
- ✅ High priority notifications
- ✅ Data-only payloads (no system tray on Android)
- ✅ Retry logic on failure
- ❌ Disabled: APN for iOS (commented code)
- ❌ Missing: Web push notifications
- ❌ Missing: Notification batching (multiple missed calls)
- ❌ Missing: Notification preferences

7. Administration¶

Admin Features:
- ✅ User management (CRUD)
- ✅ Friend relationship management
- ✅ Permission enforcement
- ❌ Missing: Role-based access control
- ❌ Missing: User activity logs
- ❌ Missing: Ban/suspend users
- ❌ Missing: Bulk user operations

8. Session Management¶

Session Features:
- ✅ Scheduled session support
- ✅ Booking integration
- ✅ Service count tracking
- ✅ Time extension
- ❌ Missing: Session notes/summary
- ❌ Missing: Session rating
- ❌ Missing: Session recording metadata

Feature Completeness Matrix¶

By Platform¶

Legend:
- ✅ 90-100% - Fully functional
- ⚠️ 50-89% - Partially functional
- ❌ 0-49% - Minimal/not functional

By Tenant System¶

Tenant-Specific Features:

Psyter:
- Service provider count tracking (SP_ManageCareProvidersServiceCount)
- Booking integration
- Patient/Doctor roles

Assessment Systems:
- Student login restriction (single session only)
- Package consumption tracking (Mobile_Package_ConsumptionDetail_Update)
- Student/Staff roles
- Time-based session management

QuranLMS:
- Standard collaboration (no call tracking)
- Student/Teacher roles

Feature Dependencies¶

Internal Dependencies¶

Collaboration requires Presence:

User must authenticate (Presence mode)
    ↓
Then can create/join collaboration (Collaboration mode)
    ↓
For Web: Collaboration uses same WebSocket connection
For Mobile: Separate WebSocket connection

Messaging requires Authentication:

User must be authenticated
    ↓
Can send/receive messages (stored in DB)
    ↓
Offline messages delivered via FCM (requires Firebase config)

Push Notifications require Presence:

User logs in → Firebase topic subscription happens client-side
    ↓
User goes offline → Server sends FCM to topic
    ↓
Client receives notification → Can reconnect

External Dependencies¶

Database Stored Procedures¶

Required for Full Functionality:

Authentication:
├── COB_Authenticate
├── COB_Authenticate_Get_User_List
├── COB_Get_User_List
├── COB_Get_Related_User_List
├── COB_Create_User
├── COB_Update_Password
└── COB_Manage_User_Friend

Collaboration:
├── Mobile_Package_ConsumptionDetail_Update (Assessment)
├── SP_ManageCareProvidersServiceCount (Psyter)
└── SP_GetBookingDetailsById

Messaging:
├── Message_InsertMessage
├── Message_GetNewMessagesCount
├── Message_GetUserConversationsList
├── Message_GetUserConversationMessages
└── Message_UpdateMessageStatus

Platform-Specific Features¶

Web Portal Only¶

• P_AUTHENTICATE_CLIENT_KEY - Client key authentication
• P_GET_ALL_USER - Admin user list
• Enhanced screen sharing controls (planned)

Mobile Only¶

• P_NO_ANSWER - Missed call notification
• P_GET_STAFF_STATUS - Bulk online status check
• C_HOLD_COLLABORATION / C_UNHOLD_COLLABORATION - Call hold
• Firebase push notifications

Android Client vs Android Care Provider¶

Identical feature set - Both use same commands
Difference: UI/UX and user roles (Patient vs Provider)

iOS Care Provider¶

• ⚠️ Limited testing - Most features assumed working
• ❌ APN disabled - Push notifications not functional
• ⚠️ Screen share - Status unknown

Known Limitations¶

1. Scalability Limitations¶

• Single server - All connections handled by one Node.js process
• In-memory state - No Redis/external cache
• Max ~10,000 concurrent connections (hardware dependent)
• No horizontal scaling - Can’t add more servers

2. Reliability Limitations¶

• No state persistence - Server restart loses all connections
• No failover - Single point of failure
• Heartbeat interval - 30 minutes (long gap, connections may appear alive when dead)
• No message queue - Offline messages may be lost if FCM fails

3. Feature Limitations¶

• No group video - Only 1 initiator + N participants in mesh (no SFU/MCU)
• No recording - Call recording not implemented
• No screen share start - Only end command exists
• No message editing - Once sent, can’t edit
• No voice messages - Only text and file URLs
• No reactions - Can’t react to messages with emoji

4. Security Limitations¶

• No end-to-end encryption - Messages/calls not E2E encrypted
• No rate limiting - Vulnerable to spam/DDoS
• Hardcoded credentials - DB passwords in source code
• No token expiration - Session tokens don’t expire
• No IP whitelisting - Open to all IPs

5. Multi-Tenant Limitations¶

• No dynamic tenant addition - New tenant requires code change + redeploy
• Shared codebase - Bug in one tenant affects all
• No tenant isolation - All tenants in same process memory

Missing Features¶

High Priority (Needed Soon)¶

Medium Priority (Nice to Have)¶

Low Priority (Future Considerations)¶

Feature Roadmap¶

Phase 1: Stability & Security (0-3 months)¶

Goal: Make system production-ready and secure

Features to Add:
1. ✅ Rate limiting per command
2. ✅ State persistence with Redis
3. ✅ iOS push notifications (enable APN)
4. ✅ Connection monitoring/health checks
5. ✅ Comprehensive error logging
6. ✅ Database connection pooling
7. ✅ Input validation on all commands

Features to Fix:
1. ✅ Screen share start command
2. ✅ File transfer chunking
3. ✅ Heartbeat interval (reduce to 5 min)

Phase 2: Scalability (3-6 months)¶

Goal: Support horizontal scaling

Features to Add:
1. ✅ Redis pub/sub for multi-server communication
2. ✅ Load balancer support (sticky sessions)
3. ✅ Distributed state management
4. ✅ Metrics/monitoring (Prometheus)
5. ✅ Auto-scaling support

Features to Fix:
1. ✅ Single-server bottleneck
2. ✅ In-memory state limitations

Phase 3: User Experience (6-12 months)¶

Goal: Enhance user satisfaction

Features to Add:
1. ✅ Message editing
2. ✅ Message reactions (emoji)
3. ✅ Voice messages
4. ✅ Call recording
5. ✅ Screen sharing (full support)
6. ✅ Call quality statistics
7. ✅ Web push notifications

Features to Fix:
1. ✅ Group video inefficiency (implement SFU)
2. ✅ Message limitations

Phase 4: Advanced Features (12+ months)¶

Goal: Differentiate from competitors

Features to Add:
1. ✅ End-to-end encryption
2. ✅ AI transcription (calls/voice messages)
3. ✅ Virtual backgrounds
4. ✅ Live translation
5. ✅ Advanced analytics
6. ✅ API for third-party integrations

Feature Testing Matrix¶

Automated Tests (Currently Missing)¶

Recommended Test Coverage:

Example Test Structure:

test/
├── unit/
│   ├── authentication.test.js
│   ├── presence.test.js
│   ├── messaging.test.js
│   └── collaboration.test.js
├── integration/
│   ├── database.test.js
│   ├── websocket.test.js
│   └── notifications.test.js
└── e2e/
    ├── call-flow.test.js
    ├── messaging-flow.test.js
    └── auth-flow.test.js

Summary¶

Feature Strengths¶

• ✅ 66 commands implemented - Comprehensive feature set
• ✅ Multi-tenant support - 12 different systems
• ✅ WebRTC signaling - Full call lifecycle
• ✅ Messaging - Text, files, read receipts
• ✅ Push notifications - FCM integration
• ✅ Multi-device - Same user, multiple devices

Critical Gaps¶

• ❌ iOS push notifications - APN disabled
• ❌ State persistence - No Redis
• ❌ Horizontal scaling - Single server
• ❌ Rate limiting - Security risk
• ❌ End-to-end encryption - Privacy concern
• ❌ Automated tests - No test suite

Recommendations¶

Do Now (0-1 month):
1. Enable iOS push notifications
2. Add rate limiting
3. Implement Redis for state persistence
4. Add comprehensive logging

Do Next (1-3 months):
1. Add automated tests
2. Implement horizontal scaling
3. Complete screen share feature
4. Add message editing

Plan (3-6 months):
1. Call recording
2. Group video optimization (SFU)
3. Voice messages
4. Web push notifications

This feature inventory provides a complete understanding of the NodeServer’s capabilities, limitations, and future enhancement opportunities.