Skip to content

System Architecture Overview


High-Level Architecture

flowchart TD
    Browser[Browser / Android App] --> Render[Render: Gunicorn\n1 worker, 6 threads]
    Render --> Flask[Flask App\nlenzeye_database.py]
    Flask --> Blueprints[Blueprints\n15+ route modules]
    Flask --> DB[(PostgreSQL\nRender Managed)]
    Flask --> S3[Wasabi S3\nAP Southeast-1]
    Flask --> Celery[Celery Worker\nRedis broker]
    Celery --> S3
    Celery --> DB

Components

Component Role
Gunicorn WSGI server, 1 worker + 6 gthread threads
Flask Web framework, app factory pattern
SQLAlchemy + Flask-Migrate ORM + DB migrations
PostgreSQL Primary database (Render managed)
Wasabi S3 (boto3) Object storage for all user files
Celery + Redis Async task queue for heavy S3 operations
Brevo SMTP Transactional email (OTP, notifications)
Razorpay Payment gateway (in integration)

Request Flow

Upload (Plain Path)

Browser → POST /upload/guest/initiate → Flask → S3.create_multipart_upload Browser → GET /upload/guest/presigned-url → Flask → S3.generate_presigned_url → returned to browser Browser → PUT directly to S3 via presigned URL (no Flask in data path) Browser → POST /upload/guest/complete → Flask → S3.complete_multipart_upload

Upload (Encrypted Path)

Browser → POST /upload/guest/encrypted/initiate → Flask → DB.get_user_key → create session_token → S3.create_multipart_upload Browser → POST /upload/guest/encrypted/upload-part → Flask → decrypt_token → AES-256-CTR encrypt → S3.upload_part Browser → POST /upload/guest/encrypted/complete → Flask → HMAC finalize → S3.complete_multipart_upload → S3.copy_object (metadata update)

Download (Encrypted)

Browser → GET /download/{token} → Flask → verify OTP → DB.get_link → S3.get_object (stream) → AES-256-CTR decrypt → stream to browser


Blueprint Map

Blueprint File Prefix
guest_upload_bp guest_upload_routes.py /
guest_download_bp guest_download_routes.py /guest
upload_wasabi_bp upload_wasabi_home.py /
secure_storage_new_routes_bp secure_storage_new_routes.py /
decide_upload_bp DecideWheretoUpload.py /
multifile_upload_bp multifile_upload_routes.py /
sst_bp sst_flask_routes.py /sst-file-manager
collaboration_routes collaboration_routes.py /
admin_routes admin_routes.py /
lab_portal_bp lab_portal_routes.py /
lab_print_upload_bp lab_print_upload_routes.py /
android_api android_api_routes.py /
store_routes lenzeye_store_routes.py /store
email_routes email_token_routes.py /
user_registration_bp UserRegistration.py /

TL;DR

What it is: Flask app factory, deployed on Render via Gunicorn, using PostgreSQL for data and Wasabi S3 for files. Celery handles async S3 listing. 15+ blueprints split by feature domain.

Key design choices: Single Gunicorn worker (RAM constraint), stateless upload session tokens (horizontal scale-ready), all file data goes to S3 (server RAM-safe), Celery offloads slow S3 list operations.