Cross platform Flutter application to subscribe and vote on Rousseau. Rousseau is the e-voting platform of the 5 Stars MoVement, one of the main Italian Parties. Given its social impact, this app will be implemented in crowdsourcing allowing everyone to contribute. This is also a social experiment: trying to build something so relevant and impactful only with voluntary contributions.
The goal of this first wave is to build a voting app. The functionality we are interested in implementing are:
- Login (with 2FA via SMS)
- Edit Account
- ID documents upload
- Polls listing
- Voting (text and candidate options)
- Notification (and deeplink handling)
- Blog Instant Articles
- Events Portal
- Send Feedback
- User profile
We are relying on the current backend used by the webapp (single page application) and on our keycloak server as a single sign on. This is the SSO root url: https://sso.rousseau.movimento5stelle.it. Keycloak uses the Open ID Connect protocol. For more info about the login and registration flow, refer to the official guide. For the login we are using a secret client.
The backend is a graphql API written in rails, that exposes only one endpoint for all the queries: https://api.rousseau.movimento5stelle.it/graphql. Queries are provided in this codebase.
To send notifications the backend has to add the field click_action = FLUTTER_NOTIFICATION_CLICK
. It's possible to add the optional parameter route
as one of the ROUTE_NAME you can find on each screen. E.g.: route = /polls
In the project canvas there is a list of open issues to work on and discussions to contribute. It also includes UX/Design tasks that won't require any programming skills. Everyone is free to grab an issue and solve it, to file new issues and to propose new features or improvements of the existing ones. This project and codebase are public and all the information and history are available to everyone.
- We are using the provider pattern, watching this video is a must!
- We are using Dependency Injection with injectable. Familiarize with the design pattern and add your class to RegisterModule when possible. We want to avoid direct invocation of the constructors at least for important objects.
- Run
flutter pub run build_runner watch --delete-conflicting-outputs
if you plan to change compile time generated classes. For example, you'll need it if you want to add a new injected class. You can build the changes once withbin/generate_code.sh
For the PR flow we are referring to this flow. In order to be considered, PR have to be written in english, pass all the tests and pass all the lint checks. For substantial UI changes you should add a screenshot to the PR. In order to be merged, they have to be approved by an owner.
Secrets (non critical) are encrypted in the codebase using git-crypt. Those are mainly configuration files (Sentry DSN, Apple/Google notifications keys). Although not critical, they are encrypted in the codebase. Developers will not be able to decrypt them, but this does not prevent any critical feature just error reporting and notifications. This will trigger warnings when starting the app that can easily be ignored (e.g.: firebase/apple services first connection). Lead developers and the github bot have the keys to decode those files. The github pipeline is able to decrypt the files and include them in the executable for iOS and Android.