# Infomix Scalable Architecture

## Application

- Next.js 15 App Router for SSR, metadata, sitemap, robots, API routes, and dashboards.
- Auth.js handles Google OAuth, SMTP magic links, and credentials login.
- Prisma is the database layer, targeting MySQL/MariaDB for cPanel compatibility.
- Public uploads are stored in `public/uploads` for simple cPanel deployment.

## Production Scaling

- Move uploads to Cloudflare R2, S3, Bunny Storage, or another CDN-backed object store.
- Put Cloudflare in front of `theinfomix.com` for caching, WAF, image optimization, bot protection, and push notification worker routing.
- Add Redis for distributed rate limiting, sessions, queues, view aggregation, and trending calculations.
- Run scheduled publishing and social auto-sharing through a cron worker or queue processor.

## Database Optimization

- Keep article listing queries on `status`, `publishedAt`, `featured`, and `breaking` indexes.
- Use MySQL full-text search for title, excerpt, and content.
- Add materialized daily analytics tables for high-traffic reporting.
- Archive old metrics into monthly summary tables.
- Use read replicas once traffic grows beyond one primary MySQL node.

## Security Best Practices

- Use strong `AUTH_SECRET`, HTTPS-only cookies, and trusted host config.
- Keep admin routes role-guarded and rate-limit write endpoints.
- Validate all API input with Zod.
- Restrict uploads by MIME type and size.
- Sanitize rich text on a hardened production pass if untrusted contributors are allowed.
- Add Cloudflare WAF rules for login, registration, upload, and AI endpoints.
- Store SMTP, OAuth, database, OpenAI, and push credentials only in environment variables.

## Recommended Packages

- `@auth/prisma-adapter` for Auth.js database sessions/accounts.
- `@tiptap/react` for WYSIWYG editing.
- `prisma` and `@prisma/client` for MySQL data access.
- `zod` for API validation.
- `openai` for AI drafting and summarization.
- `lucide-react` for consistent iconography.
- `framer-motion` for restrained interface animation.
- `next-sitemap` only if a static sitemap workflow is preferred over the included dynamic sitemap.