CloudBoard — Enterprise-grade analytics and collaboration platform.
This project is intentionally designed to demonstrate:
- MERN stack architecture
- Authentication & authorization
- JWT + OAuth + SSO concepts
- AWS Lambda + S3 + CloudFront
- Secure refresh-token implementation
- CI/CD pipelines
- Scalable frontend architecture
- Production-grade backend practices
- Observability and monitoring
- Git workflows
- System design concepts
CloudBoard is a multi-tenant dashboard platform where users can:
- create dashboards
- upload files/images
- collaborate in realtime
- manage teams
- authenticate via Google OAuth
- securely upload assets to S3
- access analytics widgets
- manage sessions across devices
- view audit logs
The architecture intentionally includes:
- React frontend
- Node.js backend
- MongoDB database
- Redis caching/session support
- AWS Lambda for async processing
- S3 for storage
- CloudFront CDN
- CI/CD using GitHub Actions
Users
↓
CloudFront CDN
↓
React Frontend (Vite/Next.js)
↓
API Gateway / Nginx
↓
Node.js Backend
↓
MongoDB + Redis
↓
AWS S3
↓
Lambda Processing| Feature | Topics Covered |
|---|---|
| Google Login | OAuth, SSO |
| JWT auth | Access/refresh tokens |
| Session management | Multi-device login |
| File uploads | S3 signed URLs |
| Image processing | Lambda |
| CDN delivery | CloudFront |
| Activity logs | MongoDB indexing |
| Dashboard widgets | React architecture |
| Infinite scrolling | Performance optimization |
| CI/CD | GitHub Actions |
| Role-based access | JWT authorization |
| Realtime notifications | WebSockets |
| Audit logs | Observability |
| Background jobs | Queues/retries |
- React
- TypeScript
- Vite or Next.js
- React Query/TanStack Query
- Zustand/Redux Toolkit
- React Router
- Axios
- feature-based folder structure
- reusable hooks
- compound components
- lazy loading
- route-level code splitting
- virtualization
- memoization
- debouncing
- throttling
- infinite scroll
- protected routes
- token refresh flow
- HttpOnly cookie integration
- keyboard navigation
- semantic HTML
- aria labels
- Node.js
- Express.js
- MongoDB
- Mongoose
- Redis
- JWT
- Passport.js
- JWT auth
- refresh token rotation
- OAuth integration
- rate limiting
- helmet
- CORS
- CSRF protection
- Redis caching
- queue-based processing
- pagination
- indexing
- aggregation pipelines
- retry mechanism
- DLQ concepts
- centralized logging
- graceful shutdown
User Login
↓
Backend validates credentials
↓
Access token generated
↓
Refresh token stored in HttpOnly cookie- short-lived
- stored in memory
- sent via Authorization header
- long-lived
- HttpOnly secure cookie
- stored in DB per-device
- rotated during refresh
Each device stores separate refresh token.
Delete current refresh token.
Delete all refresh tokens for user.
- refresh token rotation
- token invalidation
- session revocation
Implemented using:
- Passport Google OAuth
- OAuth Authorization Code Flow
Frontend
↓
Google Login
↓
Backend callback
↓
Internal JWT issuedSimulate enterprise SSO using:
- centralized identity provider
- shared JWT validation
- organization-based access
Frontend requests signed URL
↓
Backend generates signed URL
↓
Frontend uploads directly to S3S3 Upload
↓
Lambda Trigger
↓
Thumbnail generationBackground report exports.
Async email handling.
Use CloudFront for:
- frontend asset delivery
- image CDN
- caching optimization
- cache invalidation
- asset versioning
- CDN optimization
{
_id,
email,
role,
organizationId
}{
userId,
refreshToken,
device,
ip,
expiresAt
}{
title,
widgets,
createdBy
}{
userId,
action,
createdAt
}activityLogs.createIndex({
userId: 1,
createdAt: -1
})Auto-delete expired sessions.
Analytics queries.
- caching dashboard data
- rate limiting
- session blacklist
- queue management
Redis cache → dashboard widgetsBackground tasks:
- email sending
- image processing
- analytics generation
Job failure
↓
Retry 3 times
↓
DLQ if still failingEven though the frontend uses micro frontends, the entire platform is managed using a monorepo.
This demonstrates:
- enterprise-scale repository management
- shared tooling
- centralized CI/CD
- code sharing
- scalable developer experience
Preferred options:
| Tool | Why |
|---|---|
| Turborepo | Fast builds + caching |
| Nx | Enterprise orchestration |
| pnpm workspaces | Efficient dependency management |
Turborepo
+ pnpm workspaces
+ Micro Frontendscloudboard/
├── apps/
│ ├── shell/
│ ├── auth-mfe/
│ ├── dashboard-mfe/
│ ├── analytics-mfe/
│ ├── admin-mfe/
│ └── backend/
│
├── packages/
│ ├── ui/
│ ├── auth-sdk/
│ ├── eslint-config/
│ ├── typescript-config/
│ ├── shared-types/
│ └── utils/
│
├── infra/
│ ├── terraform/
│ ├── docker/
│ └── github-actions/
│
├── package.json
├── turbo.json
└── pnpm-workspace.yamlVery common enterprise setup.
Benefits:
| Benefit | Why |
|---|---|
| Shared UI library | Design consistency |
| Shared types | End-to-end type safety |
| Shared linting | Consistent standards |
| Shared auth SDK | Centralized auth logic |
| Faster onboarding | Single repository |
packages:
- apps/*
- packages/*{
"private": true,
"scripts": {
"dev": "turbo run dev",
"build": "turbo run build",
"lint": "turbo run lint",
"test": "turbo run test"
}
}{
"$schema": "https://turbo.build/schema.json",
"pipeline": {
"build": {
"dependsOn": ["^build"],
"outputs": ["dist/**"]
},
"dev": {
"cache": false
}
}
}packages/uiContains:
- buttons
- modals
- tables
- form components
- theme system
packages/auth-sdkContains:
- token refresh logic
- axios interceptors
- auth hooks
- role utilities
packages/shared-typesExample:
export interface User {
id: string
email: string
role: string
}pnpm devpnpm --filter dashboard-mfe dev| Feature | Benefit |
|---|---|
| Incremental builds | Faster CI |
| Remote caching | Faster pipelines |
| Task orchestration | Dependency-aware builds |
Important interview topic.
Only changed apps deploy.
Example:
Changes in analytics-mfe
↓
Only analytics pipeline runs- name: Build Changed Apps
run: turbo run build --filter=...[origin/main]apps/backendBenefits:
- shared types
- shared validation
- easier integration
packages/eslint-configEnsures:
- consistent linting
- shared standards
packages/typescript-configCentralized tsconfig setup.
This setup enables discussion around:
- scaling frontend teams
- dependency management
- CI optimization
- micro frontend orchestration
- build caching
- shared packages
- runtime federation
- deployment isolation
Expected:
- shared tooling
- shared packages
- easier refactoring
- unified CI/CD
| Monorepo | Polyrepo |
|---|---|
| Easier sharing | Stronger isolation |
| Centralized tooling | Independent repos |
| Simpler refactors | Simpler permissions |
Expected:
- runtime independence
- development consistency
- shared libraries
- scalable architecture
Instead of a monorepo frontend, the system uses a micro frontend architecture.
This demonstrates:
- scalable frontend systems
- independent deployments
- team ownership boundaries
- runtime composition
- enterprise frontend architecture
Useful for:
- large engineering teams
- independently deployable apps
- domain-based ownership
- scaling frontend architecture
Shell App
├── Auth App
├── Dashboard App
├── Analytics App
├── Notifications App
└── Admin AppUsing:
- Webpack Module Federation OR
- Vite Federation Plugin
The shell app handles:
- routing
- layout
- shared auth state
- navigation
- global theme
- runtime loading
Features:
- login
- OAuth
- refresh token handling
- session management
Features:
- widgets
- charts
- realtime data
- infinite scroll
Features:
- aggregation visualization
- filters
- exports
Features:
- RBAC management
- user sessions
- audit logs
Shared dependencies:
react
react-dom
zustand/redux
axios
ui librarynew ModuleFederationPlugin({
name: "dashboard",
filename: "remoteEntry.js",
exposes: {
"./Dashboard": "./src/Dashboard"
},
shared: {
react: { singleton: true },
"react-dom": { singleton: true }
}
})Shell App
↓
Loads Remote Apps
↓
RemoteEntry.js
↓
Mounts Micro FrontendImportant interview topic.
Stored in:
- memory
- shared auth provider
Stored in:
- HttpOnly cookie
Shell App Auth Provider
↓
All MFEs consume auth statePossible approaches:
| Method | Use |
|---|---|
| Custom events | Lightweight communication |
| Shared state | Auth/session |
| URL state | Routing-driven state |
| Event bus | Cross-app notifications |
Huge advantage of MFEs.
Example:
Deploy Analytics App
WITHOUT redeploying entire frontendEach frontend has independent pipeline.
Dashboard Repo
↓
GitHub Actions
↓
Build + Deploy
↓
CDN UpdateCloudFront CDN
↓
Shell App
↓
Loads Remote Micro FrontendsMicro frontend interview topic.
Problems:
- dependency mismatches
- React duplication
- runtime incompatibility
- shared singleton dependencies
- semantic versioning
- contract-based APIs
- integration testing
Track:
- app load failures
- runtime federation errors
- frontend performance metrics
- cross-app navigation latency
src/
├── app/
├── pages/
├── components/
├── hooks/
├── services/
├── store/
├── routes/
└── utils/src/
├── controllers/
├── services/
├── repositories/
├── middlewares/
├── routes/
├── jobs/
├── config/
├── utils/
├── models/
└── validations/GitHub Push
↓
Install Dependencies
↓
Lint
↓
Run Tests
↓
Build Frontend
↓
Deploy to S3
↓
CloudFront InvalidationGitHub Push
↓
Install Dependencies
↓
Lint
↓
Run Tests
↓
Docker Build
↓
Deploy to AWSname: Frontend CI
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: 20
- run: npm install
- run: npm run lint
- run: npm run test
- run: npm run buildname: Backend CI
on:
push:
branches:
- main
jobs:
backend:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: npm install
- run: npm run lint
- run: npm run testFROM node:20
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
RUN npm run build
EXPOSE 3000
CMD ["npm", "run", "start"]FROM node:20
WORKDIR /app
COPY package*.json ./
RUN npm install
COPY . .
EXPOSE 5000
CMD ["npm", "run", "start"]Use:
- Winston/Pino
- structured logs
- request IDs
- CloudWatch
- Grafana
- Prometheus
Track:
- API latency
- error rate
- queue failures
- auth failures
- helmet
- rate limiting
- validation
- sa