diff options
author | pacien | 2021-07-29 18:15:12 +0200 |
---|---|---|
committer | pacien | 2021-07-29 18:15:12 +0200 |
commit | d8ebf148dda8d5e7fae5906568aa01e98aa4cc23 (patch) | |
tree | f0eba919eed5616546cc802af6f99814ae9d9976 | |
parent | 57ff25198a82b3f6f413440e4005f0ade8dfb8d8 (diff) | |
download | uge_l2_rdbms_python_proto-d8ebf148dda8d5e7fae5906568aa01e98aa4cc23.tar.gz |
docs: add improvement ideas
-rw-r--r-- | readme.md | 41 |
1 files changed, 41 insertions, 0 deletions
@@ -210,6 +210,47 @@ simplicity. | |||
210 | [CSRF]: https://owasp.org/www-community/attacks/csrf | 210 | [CSRF]: https://owasp.org/www-community/attacks/csrf |
211 | [SameSite]: https://owasp.org/www-community/SameSite | 211 | [SameSite]: https://owasp.org/www-community/SameSite |
212 | 212 | ||
213 | ### Going further | ||
214 | |||
215 | #### Technical platform improvements | ||
216 | |||
217 | * Form validation could be refactored to make constraints more easily | ||
218 | composable and to improve error reporting to users with a per-field | ||
219 | granularity. | ||
220 | |||
221 | * Error handling could be improved by the use of exceptions to be turned into | ||
222 | user-friendly error messages in a generic way, either through decorators or | ||
223 | with a middleware. | ||
224 | |||
225 | * Request handlers could be made fully asynchronous after migrating to psycopg3 | ||
226 | to improve performance under a large amount of requests. | ||
227 | |||
228 | * Database schema migration will need to be implemented to ease the deployment | ||
229 | of subsequent versions of the application. | ||
230 | |||
231 | #### Functional project improvements | ||
232 | |||
233 | * A minimum transaction amount needs to be introduced to prevent users from | ||
234 | dodging the transaction fees by sending small unbillable amounts. | ||
235 | |||
236 | * The financial transaction log on the wallet page gets longer over time and | ||
237 | needs to be properly paginated. | ||
238 | |||
239 | * Some stronger form of authentication could be used, either by delegating the | ||
240 | authentication to some other provider, or by adding multiple-factor | ||
241 | authentication. | ||
242 | |||
243 | * Users should be offered the possibility to modify their account data, delete | ||
244 | their account, and to download all the data concerning them. | ||
245 | |||
246 | * The creation of new user accounts could require some email validation. | ||
247 | Users could be notified via email of incoming money transfers. | ||
248 | |||
249 | * The user interface could be translated into multiple languages with the help | ||
250 | of an internationalisation/localisation library such as [Babel]. | ||
251 | |||
252 | [Babel]: http://babel.pocoo.org/en/latest/ | ||
253 | |||
213 | 254 | ||
214 | ## Development environment | 255 | ## Development environment |
215 | 256 | ||