WhereYouAre: Difference between revisions

From Bitpost wiki
No edit summary
No edit summary
 
(11 intermediate revisions by the same user not shown)
Line 1: Line 1:
I'm going to take an "Open-Design Software" approach to this project, please feel free to send me your two cents if you have an opinion.
== Analysis ==
It would be useful, and should be easy, to provide an app that shows where your friends are.  Many of these apps already exist, but they all break down when it comes to reaching critical mass: it's just too much trouble to get all your friends registered and receive their locations when you need them.  Everyone is not going to run the app at the same time, which just leaves push communication to the phone.  Can we solve this problem well enough to make an app worth having?
== Requirements ==
* Free and easy to configure
* Quickly start to track existing friends
* Provide tracking for all, one,  and groups of friends
* Make fast privacy and priority adjustments
* Obtain best-in-class location information
== Design ==
== Design ==
* Map view for traditional location display
* Arrow view for sexy fun location display
* Contacts view for fast privacy/prioritization changes
== Implementation ==


(round2)
[http://thedigitalmachine.com/services/recess_git/whereyouare Current live RESTful API]
    REST summary
    ------------
    every resource has to be discoverable via links
        basically a developer can learn the API with a browser
        also, with links, you can mingle resources from any REST api
    verbs
        GET - retrieve a specific resource
        DELETE - delete a specific resource
        PUT - update a specific resource
        POST - create a new resource and return the ID - neither safe nor idempotent
        you can repeat calls to GET/DELETE/PUT all day long if they fail
    complex functions (eg query and result) as resources
        create a query resource with a TTL
        add to it
        execute it (and auto-release?)
        release it (or let this happen automatically with server-side TTL cleanup)


     how do we handle huge lists?  like this?
     map features:
         wya/users
        get updated locations
             returns the first 10 users with a link to next 10
        touch user to open details
         wya/users/range/11-20
    arrow features:
            a link to users 11-20
        get updated locations
        touch user to open details
    contacts features:
        add friend
        remove friend
        import friends?
         open details...
            show pic, phone, ip, last timestamp
             adjust...
                track follow just this user
                meetup track, + use push to harass, etc. for meetup
                ignore do not show this user no matter what
                stealth show this user but prevent them from seeing me
                ping/msg send a push to the wya user
                groups change friend's groups
    settings features:
        go completely offline
        go completely stealth
        select current group
         manage groups including priority
        adjust total number of friends shown on arrows
        adjust total number of friends shown on map
        toggle [show my location] on map
        turn off focus (if on)
        turn off meetup (if on)


    {resource}/edit should return an edit form (cool) - I think recess already does this?


     authentication - use SSL with HTTP Basic Authentication, or SHA1 signature (ala Amazon S3)
     wya PHASE 1 NOTES
    -----------------


     wya API requirements
     wya API requirements
     ------------------------------------------
     ------------------------------------------
  https - put - wya/user/123-456-7890/password (need to verify against new app "orders"?! for now, allow new#'s to register?!)
  https w basic auth - put - wya/user/123-456-7890/password (only to change existing users' pwd)
  https w basic auth - put - wya/user/123-456-7890/location
  https w basic auth - put - wya/user/123-456-7890/subscription
  https w basic auth - get - wya/user/123-456-7890/subscription/location_and_age_array
    wya PHASE 2 NOTES
    -----------------
     https put "my friends subscription" (on startup)
     https put "my friends subscription" (on startup)
     https put "my location" every 15 seconds (may be "stealthmode") \  
     https put "my location" every 15 seconds (may be "stealthmode") \  
Line 45: Line 79:
     put "my friend" (the server only tracks phone number, no editing available)
     put "my friend" (the server only tracks phone number, no editing available)
     any meetup or ignore state
     any meetup or ignore state
        ignore is done by deleting friend
      ignore is done by deleting friend
        meetup is done by client requesting pings
      meetup is done by client requesting pings


     wya server requirements
     wya server requirements
Line 52: Line 86:
     track activeuser {phone,stealthmode,friendarray{phone,stealthed}} array
     track activeuser {phone,stealthmode,friendarray{phone,stealthed}} array
     collect nonstealthed friend locations "by any means necessary"
     collect nonstealthed friend locations "by any means necessary"
        priority: active app users, inactive app users, nonusers
      priority: active app users, inactive app users, nonusers
     reply to API requests
     reply to API requests
        only report locations if not stealthed
      only report locations if not stealthed
        only report locations if under a day old?
      only report locations if under a day old?
     ping app users for meetups (if not ignored or stealthmoded)
     ping app users for meetups (if not ignored or stealthmoded)
     use TTL of 6 heartbeats, kill activeuser after that
     use TTL of 6 heartbeats, kill activeuser after that
Line 66: Line 100:
     "ignore all" mode (similar to "logoff server")
     "ignore all" mode (similar to "logoff server")


(round1)
    (round1)


     all f's of all users running app need constant location ping
     all f's of all users running app need constant location ping
        f's must be shared with phone# as key
      f's must be shared with phone# as key
        server must track users' flist
      server must track users' flist
        server must constantly work on getting f updates
      server must constantly work on getting f updates


     user starts up app
     user starts up app
        user logs in to server and sends friendlist
      user logs in to server and sends friendlist
        server adds user to userlist, merges friendlist into totalfriendlist (w/refcount?)
      server adds user to userlist, merges friendlist into totalfriendlist (w/refcount?)
        server should do its best to get all friends' locations
      server should do its best to get all friends' locations
            ** this is a separate task from communicating with user **
          ** this is a separate task from communicating with user **
        user pings server with location, gets f updates
      user pings server with location, gets f updates
            ping every 15 seconds?
          ping every 15 seconds?
            only send updates if they have not been received by user?  (how to get best performance?)
          only send updates if they have not been received by user?  (how to get best performance?)
        user shuts down app (or times out)
      user shuts down app (or times out)
        user is logged out of server
      user is logged out of server


     server f location collector
     server f location collector
        use external services to poll for location for all f that are not running app
      use external services to poll for location for all f that are not running app
            ping every 15 seconds?
          ping every 15 seconds?
            users that are running app are all sending locations, no need to collect them
          users that are running app are all sending locations, no need to collect them


        include occasional push check:
      include occasional push check:
            if f owns app
          if f owns app
                if f is not running app
              if f is not running app
                    if f is in meetup
                  if f is in meetup
                        push request to f1
                      push request to f1




Line 100: Line 134:
      
      
== REST  Examples ==
== REST  Examples ==
#The best example I have to follow is the [http://apiwiki.twitter.com/Twitter-API-Documentation Twitter API].  It *obviously* scales.  It uses Basic Authentication, which sucks (everything is plaintext, holy shit).  BETTER force it to use SSL.
#The best example I have to follow is the [http://apiwiki.twitter.com/Twitter-API-Documentation Twitter API].  It *obviously* scales.  It uses Basic Authentication, which sucks (everything is plaintext, holy shit).  BETTER force it to use SSL.  They are moving towards a more-robust authentication based on OAuth.
#The other excellent example is the [http://docs.amazonwebservices.com/AmazonS3/latest/index.html?RESTAuthentication.html Amazon S3 API].  Authentication is brilliant - it uses a SHA1 signature of the request, which MUST include a timestamp within the last 15 minutes.  There is a set of rules for turning the request URL into the request string that is signed.
#The other excellent example is the [http://docs.amazonwebservices.com/AmazonS3/latest/index.html?RESTAuthentication.html Amazon S3 API].  Authentication is brilliant - it uses a SHA1 signature of the request, which MUST include a timestamp within the last 15 minutes.  There is a set of rules for turning the request URL into the request string that is signed.
  Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( YourSecretAccessKeyID, StringToSign ) ) );
  Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( YourSecretAccessKeyID, StringToSign ) ) );

Latest revision as of 20:13, 3 March 2010

I'm going to take an "Open-Design Software" approach to this project, please feel free to send me your two cents if you have an opinion.

Analysis

It would be useful, and should be easy, to provide an app that shows where your friends are. Many of these apps already exist, but they all break down when it comes to reaching critical mass: it's just too much trouble to get all your friends registered and receive their locations when you need them. Everyone is not going to run the app at the same time, which just leaves push communication to the phone. Can we solve this problem well enough to make an app worth having?

Requirements

  • Free and easy to configure
  • Quickly start to track existing friends
  • Provide tracking for all, one, and groups of friends
  • Make fast privacy and priority adjustments
  • Obtain best-in-class location information

Design

  • Map view for traditional location display
  • Arrow view for sexy fun location display
  • Contacts view for fast privacy/prioritization changes

Implementation

Current live RESTful API 

   map features:
       get updated locations
       touch user to open details
   arrow features:
       get updated locations
       touch user to open details
   contacts features:
       add friend
       remove friend
       import friends?
       open details...
           show pic, phone, ip, last timestamp
           adjust...
               track		follow just this user
               meetup		track, + use push to harass, etc. for meetup
               ignore		do not show this user no matter what
               stealth		show this user but prevent them from seeing me
               ping/msg	send a push to the wya user
               groups		change friend's groups
   settings features:
       go completely offline
       go completely stealth
       select current group
       manage groups including priority
       adjust total number of friends shown on arrows
       adjust total number of friends shown on map
       toggle [show my location] on map
       turn off focus (if on)
       turn off meetup (if on)



   wya PHASE 1 NOTES
   -----------------

   wya API requirements
   ------------------------------------------
  https - put - wya/user/123-456-7890/password (need to verify against new app "orders"?! for now, allow new#'s to register?!)
  https w basic auth - put - wya/user/123-456-7890/password (only to change existing users' pwd)
  https w basic auth - put - wya/user/123-456-7890/location
  https w basic auth - put - wya/user/123-456-7890/subscription
  https w basic auth - get - wya/user/123-456-7890/subscription/location_and_age_array



   wya PHASE 2 NOTES
   -----------------
   https put "my friends subscription" (on startup)
   https put "my location" every 15 seconds (may be "stealthmode") \ 
   https get "my friends' locations" with ages (may be "stealthed")/ combine?
   https post "my new friend" with phone number and stealthstatus
   https put "my friend" with phone number and updated stealthstatus
   https delete "my friend" with phone number
   https put "ping this friend" with phone number
   https put "logoff"

   NOT needed...
   -------------
   put "i am running the app" (implied by [put my location])
   put "my friend" (the server only tracks phone number, no editing available)
   any meetup or ignore state
      ignore is done by deleting friend
      meetup is done by client requesting pings

   wya server requirements
   -------------------
   track activeuser {phone,stealthmode,friendarray{phone,stealthed}} array
   collect nonstealthed friend locations "by any means necessary"
      priority: active app users, inactive app users, nonusers
   reply to API requests
      only report locations if not stealthed
      only report locations if under a day old?
   ping app users for meetups (if not ignored or stealthmoded)
   use TTL of 6 heartbeats, kill activeuser after that

   wya client requirements
   -------------------
   maintain complete friends list (even ignored) with prioritization
   ping server with location every 15 seconds
   adjust tracking to include "top n" friends
   "ignore all" mode (similar to "logoff server")

   (round1)

   all f's of all users running app need constant location ping
      f's must be shared with phone# as key
      server must track users' flist
      server must constantly work on getting f updates

   user starts up app
      user logs in to server and sends friendlist
      server adds user to userlist, merges friendlist into totalfriendlist (w/refcount?)
      server should do its best to get all friends' locations
          ** this is a separate task from communicating with user **
      user pings server with location, gets f updates
          ping every 15 seconds?
          only send updates if they have not been received by user?  (how to get best performance?)
      user shuts down app (or times out)
      user is logged out of server

   server f location collector
      use external services to poll for location for all f that are not running app	
          ping every 15 seconds?
          users that are running app are all sending locations, no need to collect them

      include occasional push check:
          if f owns app
              if f is not running app
                  if f is in meetup
                      push request to f1



   <iph>			<tdm_rest>		<tdm_pusher>		<apl>			<loc_server>
   -----			-----			-----			-----			-----

REST Examples

  1. The best example I have to follow is the Twitter API. It *obviously* scales. It uses Basic Authentication, which sucks (everything is plaintext, holy shit). BETTER force it to use SSL. They are moving towards a more-robust authentication based on OAuth.
  2. The other excellent example is the Amazon S3 API. Authentication is brilliant - it uses a SHA1 signature of the request, which MUST include a timestamp within the last 15 minutes. There is a set of rules for turning the request URL into the request string that is signed.
Signature = Base64( HMAC-SHA1( UTF-8-Encoding-Of( YourSecretAccessKeyID, StringToSign ) ) );
Retrieved from "https://bitpost.com/w/index.php?title=WhereYouAre&oldid=2456"