Background
Highways play an important and major role in making travelling easier and convenient. It enhances the transport system by reducing transport cost, travelling time by making transportation schedules and deliveries more timely and reliably. When it comes to the economy, highway transportation is really special and important. People who work in offices can report to their offices on time without any delay if they use a highway. Also huge numbers of companies are traveling goods; provide services in efficient and productive manner due to these highways. Other than economy highways families can also travel frequently there houses, go on trips or picnics with more ease. Even in these days ambulances also can use highways and patients can get emergency medicine and treatments due to these highways.
But in Sri Lanka sometimes we see there are large queues in highway exits. If there is a long weekend or if it is rush time to offices there are a large number of vehicles waiting in the queues in order to pay for the highway and to exit. So people are getting more time in queues so it’s useless using a highway if they stay so long in these queues. Main reason for this problem is that people use Manual Toll Collection (MTC) instead of Electronic Toll Collection (ETC).people always use traditional methods instead of using technologies. So by designing this application it will encourage people to use ETC rather than using MTC. In this highway vehicle passer system, there are some user attraction techniques and if people get used to these kinds of applications the above discussed problem will solve and we can get the maximum advantage from the highways too.
Problem
Under the circumstance of Covid-19, it is expeditiously spreading worldwide to a massive extent. In consequence people are guided to maintain social distance and for the most part, avoid interactions between each other. According to this situation, cash transactions between one another has become a considerable issue in this context. This pandemic can be spread effortlessly through cash transactions when exchanging currency notes.
Alternatively, The World Health Organization (WHO) advised the society to use several methods of transaction options for online payments. People have a good impression with these cashless solutions as these are swift and convenient to handle. Yet these cashless solutions such as cards and online payments are not implemented in vehicle parks and in highways. Usage of cash in these kind of locations are at a high risk of spreading this pandemic in a high rate
There are two main systems which can be utilized for transactions, Manual Toll Collection (MTC) and Electronic Toll Collection (ETC). ETC is very effective than MTC. But majorly people use this MTC method since it has no additional charge. Highways are compatible with Electronic Toll Collection System (ETC) payments. But for the ETC, people have to pay an installation fee for a unit. Due to these reasons and extra charges, people are reluctant to use this ETC method. Therefore, most of the vehicle owners are not using this method so the effectiveness of this system is very low. MTC is based on printing bills and it is not eco friendly due to that reason pollution of the environment is a considerable issue. ETC is based on electronic rays which can cause health problems in the human body.
As per the current ETC payment method, vehicles are charged for the toll but the card cannot be recharged through online and also if the vehicle does not have an ETC Master card this method is useless. Besides, there is no appropriate mechanism to measure the time that vehicles spend in service areas or fuel stations inside the highway. Crucially there is no one appropriate solution to track the time spent and the expenditures made while traveling on a highway, equally public and the government face problems in assembling information and statistics.
Examples
- Tracking the time, when a person arrives and departures a supermarket and the expenses made.
- Identifying publics who use automated bill payment technologies at public places.
- Tracing the procedure time period of public transportation.
- Identifying people who cooperated with public places as hospitals or restaurants.
Solution
When analyzing the present condition, it was possible to recognize the appropriateness of an online system. By Creating of this system, it will become more effective and efficient moreover, expecting to provide an efficient service. The web app allows users to log in, and anyone with a driving license can register and use it. It has the capability to register and use public vehicles separately. When finalizing the registration, the customer obtains an authorization email and is able to get the relevant barcode from a particular place. Essentially it is possible to organize an appropriate method to top-up those cards online or any place in the country.
Through this app, the public have the ability to register their vehicles and customize which vehicle to use in this circumstance before entering the highway and also if a client using someone else’s vehicle for travel, it is possible to enter and use the ID of that following vehicle. If ETC cardholder is facing any problem regarding the ETC card or if anyone registered for ETC card have the ability to settle the payments and it varies up to the ability that can pay. Unlike ETC, this is not including any installation fee and registration is completely free of charge. There is a tendency for the majority of people to be interested towards this.
When it is required to make a payment, public can tap the card with the barcode included on the barcode reader at the highway entrance or they can start the journey by scanning the QR code installed on the following app. In-between the drive, if a customer enters the service area they can read the barcode or scan the QR code at the following locations and in exit too. Afterwards they can do the way as mentioned above. The travel fee will be charged from the user’s account and the bill will be receiving via e-mail. This procedure can stop the destruction caused by the bills printed by the MTC and cease the damage caused to the bodies by the electronic waves radiated by the ETC.
With this application, it can effortlessly record the information of drivers as well as the entrances and the departures of the vehicles. Besides, if they arrived the service areas it can easily classify the places they have stayed and the time spent at those several areas. If an individual infected with Covid-19, it can easily identify and treat people and also who have been in and out of the area for specified period of time, from the time of entry to the time of departs along with the people got engaged with the infector.
System functionalities
Home
If it is a new user, the following user can go through the registration button and create a new own account and if a person already owned an account, user can log in to the system through the login button and use it
Registration
This allows a new user to create their own account by entering their own data and once the account created, the registration will be verified by email That following email consist with the numbers connected to their barcode card has also been stated. They have to send the number code to the appropriate place and get the barcode card.
Login
This is the login page for all types of users to login. Any user can enter the system by entering their username and password. If they entered a wrong username or password, it will be displayed as an error. After entering the correct user details, user have the access to the dashboard corresponding to that user type and the dashboard is displayed as given below
Dashboard
As mentioned above, the dashboard related to the user type of the logged in user will look as given below.
- Driver Dashboard
This is the dashboard that appears when “driver” is the user type. It shows the account balance of the driver, and current active vehicles and detail etc. The user can click on the “ADD VEHICLE” button and add other vehicles to the system. The “ACTIVE VEHICLE” button can use to change the current active vehicle.
- Operator Dashboard
This is the dashboard appears when the user type operated. The chart appeared shows the full recharged amount for the previous six days including the current day. With the “RECHARGE” button, user can log to the recharge page of the driver’s account.
- Admin Dashboard
This is the dashboard appears when the user type is admin. The chart given below shows the entrance and exit vehicle count for the present day and previous six days. The next chart illustrates the entrance vehicle type count and the final chart shows the exit vehicle type count. All those charts can be changed according to the location. “TERMINAL CONTROL” button let the users log to the page used to control the terminal.
Profile
This page can be only used for Drivers. It can edit and update all the information of the driver. It will be notified by email and a popup alert after the update.
Add Vehicle
This is used to alternate the driver’s vehicle into an active vehicle. By entering the vehicle ID, it can confirm the active vehicle for the journey. After changing the vehicle, it will be notified by an e-mail and a popup alert.
Recharge
This can be only used for operator type users. This permits to recharge the driver’s account. After the account recharged, the driver will be notified via an e-mail and the operator with a popup alert.
Terminal control
This is only customized for admin type users. This permit to open a vehicle portal for entrance and exit. The portal capable to read the driver’s barcode and allow to enter and exit. At the time of entrance, the system will check whether the account is less than thousand rupees and if it is less than thousand, it will be notified via a pop-up alert. After reading the portal card in entrance or exit, driver will be notified via email and the screen too notified via pop-up. The amount related to the journey will be notified in exit via e-mail.
Futures Enhancement
The following functions will be added in future versions.
- If the password is forgotten or it need to be changed, the system expected to be updated so that can be changed.
- The table in “ADD VEHICLE” is expected to facilitate the activation of a vehicle easily.
- If the driver’s barcode is misplaced, expecting to add a new feature that allows the system to request and activate the card as well as allow to request a new card.
- When the driver’s account being recharged, it is possible to link the credit or debit cards and planning to update the payments to pay automatically when they travel through highway.
- Expecting to add a feature for the drivers to view the recharge history, travel history, and payment history.
- Planning to create a recharge report that can be obtain location wise and user wise for operators.
- In addition to e-mails, expecting to activate SMS alert service
- Hope to create the user interfaces attractive and user friendly.
Identified Problems in the Current System
- The current system is a web application therefore; it is difficult to use a browser. The users have to remember the web addresses every time and enter those accurately. Due to that, users facing many difficulties in this procedure. The user login page is the default login page in OAuth so every error message that appears on it is irreplaceable and not user friendly.
- The card used for the driver is a car with a barcode and must be held in the correct position when reading if it is not so, no reading will take place. In case of service down, page not found, an error appears on the browser as it is a bad experience for user. The user will not be able to use the system again and again and the messages appearing there are not user friendly.
- Presently, the log history does not create a history of backend processes in the system to identify how a system error occurred.
- The ETC allows the vehicle to travel without stopping and this system requires the vehicle to be stopped and scanned. Therefore, the driver may express an unwillingness to do more work.
- Even though created an API gateway still requests have been calling through frontend to directly backend HTTP request that means requests are not going through API gateway. So restrictions, validations and etc. cannot be done.
- When considering these system integrations problems, the main focus is on the User Interfaces. Lack of responsiveness of some components and pages can be seen as a major problem. Moreover, the icons and components used for that should be designed to be more beautiful, simple and attractive. Using the same components, color matching, icons and images are features of a good system.
- In this application notifications are sending only through emails neither SMS or any other notification method. Therefore driver always needs to login to his/her email in order to view notifications
- Even a stranger who knows the username and password can login and use the system. There are no further security restrictions for this, so it is possible that it can easily transfer the user account to someone else
Mitigation for the identified problem
- can create a custom login page for the login page and connect “OAuth” to it. can display more custom messages such as “user not exit”, “invalid password” Or can use the JWT Token for a token validation. Actually, JWT is a self contained token which has authentication information, expiration time information, and other user defined claims digitally signed. No Cookies Required, Thus It’s Very Mobile Friendly. Token can be generated anywhere. Also, the authentication can happen on the resource server or it is easily separated into its own server.
- Login services like log4j, logbash can be used to create a log file. System admin can identify how it happened even when the system went down. And a log manager like elastic Kibana is very easy to use. Because Kibana is data querying & analysis. In addition, Kibana’s visualization features allow to see data in alternate ways using heat maps, line graphs, histograms, pie charts, and geospatial support. With various methods, search the information stored in Elasticsearch for root cause diagnostics.
- Instead of the current barcode card, the app can use a QR scanner with an NFC card. Nobody enjoys waiting in long lines. NFC technology makes it easier than ever to accept payments quickly. Customers tap their NFC enabled credit card on the payment device and that’s it. won’t have to hand over a card even if they use it to pay for services. Simply tap the card on the payment device, and the transaction is complete. They simply waive their phone above the payment device and that transaction is complete. Limiting customer contact means reducing the spread of germs.
- It’s the page that crops up when all else fails, appearing to encounter a broken link, make a spelling mistake within the web address, or happen to enter during a website’s maintenance. albeit they shouldn’t ideally be viewed. A quick note explaining there’s been a mistake . Readers got to see immediately that they’re not where they think they’re . An evidence of why this went on . The foremost common reasons are a typo or broken link, but attempt to not make it sound like blaming the user. ‘Something went wrong’ may be a much more neutral statement than done something wrong. A navigation bar. There’s nothing more irritating than a mistake page that has no options for moving onwards, so keep the main navigational elements to permit people to undertake elsewhere . It’s important to make it as easy as possible for them to remain on the location — at the moment , they’ll be frustrated and tempted to go away.
- can increase security and restrictions by talking from the frontend to the backend through the gateway. It is best to use a Zuul gateway. It manages all the requests and performs the dynamic routing of microservice applications. It works as a front entrance for all the requests. It’s also referred to as Edge Server. Identifying authentication requirements for every resource and rejecting requests that don’t satisfy them. Tracking meaningful data and statistics at the sting so as to offer us an accurate view of production. Allocating capacity for every sort of request and dropping requests that re-evaluate the limit.
- It is difficult for a driver who is not logged in for email to receive messages only from emails. Therefore SMS and notification can be used. Companies that have a text messaging alert system are ready to save time with the utilization of the said technology. By sending text messages, firms can promote their services quickly and efficiently. Push notifications are basically alerts users receive in real-time from a mobile app and which slide in as a banner on their screen. These sorts of mobile app notifications are the simplest way for companies and marketers to speak with their users, but if not through with a careful strategy in place , push notifications can annoy users and cause them to drop the app completely.
- Although the current UI of the system is created by bootstrap, it is suitable to test by other phone tabs or similar emulators from the browser to minimize the loss of responsiveness on certain pages. It is easy to create and reuse the systems by using frontend languages such as react or angular for the frontend development. When load balancing, can prioritize the components that should appear first. It is better to do things like UI and UX for icon on the advice of an expert.
- It’s very easy for users having android and IOS mobile applications other than a web application. To create such applications, can use the backend currently having. The iOS application and the android application can be created separately but can be used a cross platform language. It allows developers to create mobile apps that run on multiple OS’s by using a single framework and sharing the same code base. The framework modifies businesses to build native-like experiences by reducing the development effort and costs while speeding up the time-to-market.
- In addition to username and password, it is better to use two factor authentication. Passwords are old-fashioned and will be phased out. As everyone knows, users fall time and again into the bad habit of selecting weak passwords. Analyses of hacked passwords regularly show that enormous proportions of individuals choose passwords like ‘123456’ and ‘password’, with requirements for alphanumeric passwords scarcely improving things . There utilized in combination with a password, 2FA greatly increases security. A better approach is to urge obviate passwords all at once . 2FA delivers an additional layer of protection for user accounts that, while not impregnable, significantly decreases the danger of unauthorized access and system breaches.
Technical Design
Technology was one of the main factors in the creation of this system. What is the new technology and how to apply it to this problem domain was considered next. Created by studying how to use new technology.
Technology
- Java 8
- Spring Boot
- Bootstrap
- JavaScript
- Mysql
- Docker
Benefit of Selected Technologies
Java 8
- Java language offers higher cross-functionality and convenience as Software written in one stage can run areas, mobiles, inserted frameworks.
- its object-oriented, working multithreading ,distributed ,and network support
- The Java Class Library enables cross-platform development.
- developers to write high quality code and help maintain its competitiveness among other programming languages.
Spring Boot
- Actually, It is very easy to develop Spring Based applications with Java.
- Reduces lots of development time and increases productivity.
- And, the Java is very easy to integrate Spring Boot Application with its Spring Ecosystem like Spring JDBC, Spring ORM, Spring Data, Spring Security etc.
- This give “Opinionated Defaults Configuration” Approach to reduce Developer effort
- This provides Embedded HTTP servers like Tomcat, Jetty etc. for develop and test our web applications very easily.
- Further, Spring gives lots of plugins to develop and test Spring Boot Applications very easily using Build Tools like Maven and Gradle
Bootstrap
- By Using Bootstrap, save a lot of time. Specially, no need to spend time writing code, simply use the Bootstrap predefined configuration layouts and classes and put it precisely where they fit.
- Also, this offers many ways to be customized so that can make it own. It can pick and choose what is needed and toss what is not. Further, Bootstrap can be adjusted exactly as you want it and as your project requires.
- Bootstrap Can Create mobile-ready websites is a breeze with Bootstrap thanks to the fluid grid layout that dynamically adjusts to the proper screen resolution.
- Not that, it is compatible with all modern browsers and Internet Explorer versions.
JavaScript
- JavaScript is a client-side scripting language for the web page.
- It Increases the interactivity and usability of the web page.
- This make the web page more user-friendly by providing easy to use and rich features.
- It saves server traffic by validating user input before sending to the server.
- JavaScript respond immediately if there is any mistake in user data without waiting for the page reload.
MySql
- It is a Relational Database Management System (RDBMS) which means that it stores and presents data in tabular form, organized in rows and columns.
- It consists of a solid data security layer to protect sensitive data from intruders and passwords in MySQL are encrypted.
- This is available for free to download and use from the official site of MySQL.
- Compatible with most of the operating systems, including Windows, Linux, NetWare, Novell, Solaris and other variations of UNIX.
- Can build and interact with MySQL with only the basic knowledge of MySQL and a few simple SQL statements.
- Scalable and capable of handling more than 50 million rows. It’s enough to handle almost any amount of data. However, the default file size limit is 4GB but it can be increased to 8TB
Docker
- It brings in an API for container management, an image format and a possibility to use a remote registry for sharing containers.
- Docker containers contain the minimal runtime requirements of the application, reducing their size and allowing them to be deployed quickly.
- Docker container can be transferred to another machine that runs Docker, and executed there without compatibility issues.
- Docker containers reuse components from the preceding layers, which makes them noticeably lightweight.
- Docker images are typically very small, which facilitates rapid delivery and reduces the time to deploy new application containers.
- Decreases effort and risk of problems with application dependencies.
Application of Technologies.
Able to create this system using the above technology. The microservice architecture was used there. A docker was used for the deployment.
Here, the fundamental thought behind a microservice design is that applications are less complex to make when weakened into smaller pieces that perform seamlessly together. Separate programming functionality into multiple independent modules that are individually liable for performing precisely defined, standalone tasks, when using microservices. There, those modules communicate with each other through simple, generally available application programming interfaces (APIs).
- They are divided into various particular, loosely coupled components, every one of which performs a discrete function
- Individual functions built to align to business capabilities
- Distributed across clouds and data centers
- Treat each function as an independent service which will be changed, updated, or deleted without disrupting the remainder of the appliance
Architecture of the application
This is the Architecture in this system. This gives an idea of the whole system. How the system works. This diagram is based on the micro service architecture. Hope to describe below how the diagram works. In addition, how the system was developed and hope to put the relevant sample code.
As an application moves through the deployment pipeline from dev to check and into production, it can deal with the configuration between those environments and be sure that applications have everything they have to run once they migrate.
Configuration Server
Spring Cloud Configuration Server can be a centralized application that deals all the appliance related configuration properties. the thought is that programs can move Configuration to an external place so this application is definitely configurable and may even change their settings. to try to do this, create a configuration server and a client that reads your configuration of that server. The configuration server uses a GIT repository on GitHub, where it stores the configuration files
As an application moves through the deployment pipeline from dev to check and into production, it can manage the configuration between those environments and be sure that applications have everything they have to run once they migrate.
- Spring Cloud Config Server
Can build it as a Spring Boot application that depends on spring-cloud-config-server to use these features in an application.
The Configuration Server is embeddable during a Spring Boot application, by using the @EnableConfigServer annotation.
Git repository containing bootstrap.yml file
- Spring Cloud Config Client
Once the configuration server works, create the client. add this dependency to pom.xml file.
In addition to the appliance name, also put the active profile and therefore the connection-details in bootstrap.yml:
Netflix Eureka Discovery
This is provided by Netflix. It consists of the Eureka Discovery Server and Eureka Discovery clients. Every Micro service will register into the invention server and Discovery server knows all the client applications running on each port and IP address.
When making a REST call to a different service, rather than providing a hostname and port, they only provide the service name.
- Eureka Discovery Server
This is the Eureka Server, and for that, include a Eureka dependency in the project. Below is the pom.xml for Eureka Discovery Server.
Also, update the application.yml file for this project to indicate that it is a discovery server and not a client.
To make a Eureka Discovery server, add the @EnableEurekaServer annotation to main class
- Eureka Discovery Client
created other microservices with Spring Boot and every one running on its own port or Port 0.
add this dependency to pom.xml file
As a client, it should register itself to the server, which happens within the application.yml file.
To make a Eureka Discovery client, all we’d like to try to to is add the @EnableEurekaClient annotation to main class
Authentication server
When building a web application, authentication and authorization is a must. Authorization Server is a supreme architectural component for Web API Security. The Authorization Server acts as a centralization authorization point that allows HTTP endpoints to identify the features of the application. Also in this server it is handling the user and user types. build an OAuth 2.0 web application and authentication server using Spring Boot and Spring Security.
Regarding security , two main areas are identified:
Authentication — Confirms users are who they say they are.
Authorization — Give users permission to access a resource.
In this application, there are 3 types of different user categories. They are driver, operator and admin. These three user categories have different access privileges and according to these user categories and privileges each account will handle.
Oauth Server
OAuth2 is an authorization framework that enables the application Web Security to access the resources from the client. application, need to focus on the Grant Type, Client ID and Client secret.
This is the Auth Server, and for that, include oauth2 and security dependencies in the project. Below is the pom.xml for Auth Server.
Also,update the application.yml file for this to define the minimal required configuration.
To make a Auth server, add the @EnableAuthorizationServer annotation to main class
Configuration class enables and configures an OAuth authorization server.
Oauth Client
Rest-Api client services that fetch the from the resource server. Used these dependencies.
Also, update the application.yml file for this to define the minimal required configuration.
To make a Auth Client, add the @EnableResourceServer annotation to main class
Gateway
An API gateway is programming that sits in front of an API and is the single-entry point for defined back-end APIs and microservices. It might have other responsibilities such as authentication, monitoring, load balancing, caching, request shaping and management, and static response handling
- Zuul Gateway
Zuul is provided by Netflix. Spring Boot has already bundled Zuul with their Spring Cloud dependency.
As an edge service application,Zuul is designed to enable dynamic routing, observing, flexibility and security.
This is the Zuul Cloud API Gateway, and for that, include Zuul Server dependencies in the project. Below is the pom.xml for gateway.
To make a Auth server, add the @EnableZuulProxy annotation to main class
defined configuration properties for gateway purposes
servicers
According to the problem domain, Rest API is divided into four different services. They are; Driver service, email service, Transaction service and Payment service.
- Driver Service
If a driver is using this application, he/she needs to should register with the system along with
their details. Also, driver can pay highway fee by his/her own without using vehicle owners’
card. Also, drivers should use a card while entering the highway.
- Transaction Service
Save entering point and exciting point in order to identify and also can use this to send emails
to the owner of the vehicle and as well as the driver of the vehicle.
- Payment Service
As mentioned above, drivers can pay his/her by own. Driver can handle multiple payment
methods. I.e. he can use a System Card for the payment process.
- Email Service
Vehicle owners and drivers will receive emails while entering and exiting the highway. Also,
the driver will receive an email after the payment by including payment information.