HeartWire, Part 1: Basics

Oct 14, 2016
I recently started a new project.
The problem I had to deal with was to connect exactly two people, so they could communicate via text messages.

The most important requirements were:
  • The application needs to run on
    • Firefox OS 2.6
    • Android 4.3
  • It needs to work in
    • China
    • Germany
Therefore I had to choose the right technologies in order to implement this project:
  • a webapp for best multi-platform support
  • Cordova wrapper on Android to support important device APIs
  • SimplePush from Mozilla for FxOS 2.6
  • BaiduPush for Android to deliver notifications in China
  • WebSocket for a fast and lightweight connection to the server
  • Polymer Paper Elements for a fast layout implementation
  • AES for symmetric message encryption
  • WebCrypto API to end-to-end encrypt all messages
  • ApplicationFrame for data binding

I started out by building a basic server and client.
My first goal was to authenticate with a username and password. Passwords are stored Base64 encoded inside the client application. When they are sent to the server, they are hashed with SHA-1 and then compared. On the server passwords are stored as SHA-1 hashes.
The connection is established via WebSocket. Every time the client needs to establish a new connection, it is required to provide the username and encoded password. If the user credentials don't match any existing user, the server will drop the connection.
The server expects the client to initiate the authentication in less than 10 seconds. If the validation of the credentials was successful, the server will reply with the account information of the authenticated user.
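
The credential check described above, next to a salted scrypt variant, as an added example that is not HeartWire's code. It shows that the Base64 form decodes straight back to the password and that unsalted SHA-1 gives two users with the same password the same stored hash, while salted scrypt records differ. The function names, record layout, scrypt parameters and sample users are assumptions made for this example, and scrypt is a technique swapped in here, not one the post uses.

```javascript
// Added example, not HeartWire's code; names and sample data are constructed.
const crypto = require("crypto");

// As described on the page: the client sends the Base64-encoded
// password; the server decodes it, hashes it with SHA-1 and compares.
function sha1Hex(password) {
  return crypto.createHash("sha1").update(password, "utf8").digest("hex");
}
function verifySha1(user, encodedPassword) {
  const password = Buffer.from(encodedPassword, "base64").toString("utf8");
  return sha1Hex(password) === user.sha1;
}

// Hardened storage (assumed design): per-user random salt plus scrypt.
const SCRYPT = { N: 16384, r: 8, p: 1 };
function createRecord(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, 32, SCRYPT);
  return { salt: salt.toString("hex"), hash: hash.toString("hex") };
}
function verifyScrypt(record, encodedPassword) {
  const password = Buffer.from(encodedPassword, "base64").toString("utf8");
  const salt = Buffer.from(record.salt, "hex");
  const expected = Buffer.from(record.hash, "hex");
  const actual = crypto.scryptSync(password, salt, expected.length, SCRYPT);
  return crypto.timingSafeEqual(actual, expected); // constant-time compare
}

// Constructed sample: two users who happen to choose the same password.
const onWire = Buffer.from("correct horse", "utf8").toString("base64");
const alice = { sha1: sha1Hex("correct horse"), kdf: createRecord("correct horse") };
const bob = { sha1: sha1Hex("correct horse"), kdf: createRecord("correct horse") };

function demo() {
  return {
    base64Reversible: Buffer.from(onWire, "base64").toString("utf8") === "correct horse",
    sha1Collides: alice.sha1 === bob.sha1, // equal passwords, equal hashes
    kdfCollides: alice.kdf.hash === bob.kdf.hash, // salts make records differ
    sha1Login: verifySha1(alice, onWire),
    kdfLogin: verifyScrypt(alice.kdf, onWire),
    kdfRejects: verifyScrypt(alice.kdf, Buffer.from("wrong").toString("base64")),
  };
}

console.log(demo());
```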