ari/research-school-2025
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
research-school-2025/writeups/task.md
Arija A. 46abc0fc76
 Create project plan and task 
Signed-off-by: Arija A. <ari@ari.lt>
2025-11-23 13:23:24 +02:00

7.2 KiB
Raw Permalink Blame History

Develop a Comprehensive Blogging Platform

Design and implement a fully functional, feature-rich blogging platform with the following core features and functionality:

  1. User Management

    • Registration & Authentication: Allow users to create accounts, log in, and manage their profiles. Support user authentication via email/password and multi-factor authentication.
    • Role-based Access Control: Implement different user roles (e.g., Moderator, Admin, Author, Reader) with varying levels of access and permissions.
    • Profile Management: Users should be able to update their profile, change passwords, and manage account settings.
    • Password Reset: Implement secure password recovery functionality.

  2. Blog Post Management

    • Create, Read, Update, Delete: Enable authors to create, edit, view, and delete blog posts. Posts should include:
      • Title, body, tags, and publication status (draft, published, archived)
      • Option to add images or media (via file upload).
      • The posts shall be written using markdown.
    • Versioning & History: Track changes made to each post (diffs), including the ability to revert to previous versions.
    • Scheduling Posts: Allow authors to schedule posts for future publication.

  3. Commenting & Engagement

    • Comments: Allow users to comment on blog posts. Support threaded comments and allow users to reply to comments.
    • Moderation Tools: Implement a basic moderation system that allows post authors and admins to delete inappropriate comments or flag them for review.
    • Likes & Reactions: Users should be able to like or react to posts and comments.

  4. Search & Content Discovery

    • Search: Implement a search function that allows users to find posts by title, body text, tags, and categories.
    • Filters: Users should be able to filter posts by tags, author, publication date, and post category.
    • Categories & Tags: Support categorisation of posts by topic (e.g., technology, lifestyle) and tags for additional metadata.
    • Subscriptions: Users should be able to subscribe to blogs and see their feed in their home page.

  5. Security & Privacy

    • Data Encryption: Ensure sensitive data is securely stored by using encryption (where applicable).
    • Input Validation & Sanitisation: Prevent SQL injection, XSS, and other common web vulnerabilities by implementing thorough input validation and output sanitisation across the platform.
    • Session Management: Implement secure user sessions, with features such as session expiry, logout functionality, and session tracking.

  6. Performance & Optimisation

    • Caching: Implement resource caching.
    • Pagination: Implement pagination for blog posts and comments.
    • Optimised Media Upload: Ensure that media is uploaded efficiently, with automatic resizing and compression.

  7. Analytics & Reporting

    • Post Analytics: Track and display metrics for each post, such as views, comments, likes, and shares.
    • User Engagement: Provide basic analytics for authors regarding the performance of their posts (e.g., most viewed posts, most engaged users).
    • Reporting Dashboard: Implement a simple dashboard for admins to monitor platform activity, user registrations, and post statistics.

  8. Legal Framework

Development of 6 Versions of the Platform

You will create 6 distinct versions of the blogging platform, each with different priorities. For each version, consider how the balance between security, readability, and maintainability impacts the development process.

Version A (High Security, Manual Development)

This version will focus on implementing robust security measures, prioritising secure coding practices, and ensuring the platform is resistant to common vulnerabilities.

Focus Areas:

  • Implement secure authentication, including multi-factor authentication.
  • Apply best practices for password hashing (e.g., Argon2).
  • Implement comprehensive input validation and output sanitisation (e.g., to prevent SQL injection, XSS).
  • Use encryption for sensitive data storage (e.g., personal information, media) and ensure secure transmission of data via SSL/TLS.
  • Implement secure session management (e.g., secure cookies, session expiration).
  • Deploy logging and monitoring to detect and respond to potential threats.

Version B (High Readability, Manual Development)

This version will focus on clean, readable, and maintainable code. The emphasis will be on creating clear, well-organised code that is easy to understand, refactor, and extend.

Focus Areas:

  • Use a modular architecture, breaking down functionality into small, reusable functions and components.
  • Consistent naming conventions, well-documented code, and descriptive comments.
  • Simplicity in design: prioritise clear and straightforward solutions over complex or highly optimised approaches.
  • Easy-to-follow code structures, avoiding deep nesting and ensuring functions/classes are focused on single responsibilities.

Version C (Balanced, Manual Development)

This version will seek a balance between security, readability, and maintainability, incorporating key practices from both versions A and B.

Focus Areas:

  • Ensure robust but not over-engineered security practices (e.g., secure authentication and input validation).
  • Maintain clean and modular code, with an emphasis on readability without sacrificing necessary security features.
  • Simple, clear architecture with focus on maintainability and scalability for future development.

Version D (High Security, AI Optimised)

This version will leverage AI tools to help optimise the security of the platform, with a particular focus on ensuring the code is secure while maintaining readability.

Focus Areas:

  • AI-driven recommendations for secure coding practices (e.g., encryption, authentication mechanisms, input validation).
  • Use AI to identify and suggest improvements for areas prone to security risks (e.g., weak password storage, insecure endpoints).
  • AI-powered refactoring to optimise security-heavy code for better readability without compromising security.

Version E (High Readability, AI Optimised)

This version will use AI tools to improve the readability and maintainability of the code, ensuring the platform remains both understandable and efficient.

Focus Areas:

  • AI-assisted refactoring to improve the clarity of complex code and simplify error handling.
  • AI suggestions for improving code structure, modularity, and adherence to best practices for readability.
  • Optimise security practices via AI while ensuring the platform remains simple and intuitive.

Version F (Balanced, AI Optimised)

This version will combine the strengths of both security and readability using AI, with the aim of finding the optimal balance between the two priorities.

Focus Areas:

  • AI-driven insights for balancing security features (e.g., encryption, authentication) with modular and clean code.
  • Use AI to identify the trade-offs between complexity and readability in security code and suggest the best balance.
  • Real-time AI feedback during development to guide decision-making on code quality and security.