Technical Documentation

Platform Architecture

System Overview

Platform built on modular MVC architecture with service-oriented approach. Three-tier design separates presentation, business logic, and data persistence.

Architecture Layers

• Presentation Layer: HTML5/CSS3/JavaScript with Vue.js components
• Application Layer: PHP 8.1 with RESTful API structure
• Data Layer: MySQL for relational data, Redis for caching

Technology Stack

Backend Technologies

• PHP 8.1+ with OOP and namespaces
• Composer for dependency management
• PSR-4 autoloading standard
• PSR-7 HTTP message interfaces
• Doctrine ORM for database abstraction

Frontend Technologies

• Vue.js 3 for reactive interfaces
• Axios for HTTP requests
• Socket.io client for WebSocket connections
• Webpack for asset bundling
• Sass for CSS preprocessing

Infrastructure Components

• Nginx web server with PHP-FPM
• MySQL 8.0 database engine
• Redis in-memory data store
• Node.js for real-time services
• RabbitMQ for message queuing

Directory Structure

/var/www/casino/
├── public/              # Web-accessible directory
│   ├── index.php       # Application entry point
│   ├── assets/         # CSS, JS, images
│   └── uploads/        # User uploaded files
├── app/                # Application core
│   ├── Controllers/    # HTTP request handlers
│   ├── Models/         # Data models
│   ├── Services/       # Business logic services
│   ├── Middleware/     # Request/response filters
│   ├── Validators/     # Input validation rules
│   └── Helpers/        # Utility functions
├── config/             # Configuration files
│   ├── database.php    # DB connection settings
│   ├── routes.php      # URL routing definitions
│   ├── cache.php       # Cache configuration
│   └── app.php         # Application settings
├── database/           # Database related
│   ├── migrations/     # Schema version control
│   ├── seeds/          # Initial data population
│   └── schema.sql      # Complete database structure
├── resources/          # Views and templates
│   ├── views/          # PHP template files
│   ├── lang/           # Translation files
│   └── emails/         # Email templates
├── storage/            # Generated files
│   ├── logs/           # Application logs
│   ├── cache/          # Cached data
│   ├── sessions/       # Session files
│   └── temp/           # Temporary files
├── vendor/             # Composer dependencies
└── tests/              # Automated tests
    ├── Unit/           # Unit tests
    └── Integration/    # Integration tests

Database Schema

Core Tables

users

Player account information and authentication credentials.

CREATE TABLE users (
    id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
    username VARCHAR(50) UNIQUE NOT NULL,
    email VARCHAR(255) UNIQUE NOT NULL,
    password_hash VARCHAR(255) NOT NULL,
    first_name VARCHAR(100),
    last_name VARCHAR(100),
    birth_date DATE,
    country_code CHAR(2),
    phone VARCHAR(20),
    currency_code CHAR(3) DEFAULT 'USD',
    balance DECIMAL(15,2) DEFAULT 0.00,
    bonus_balance DECIMAL(15,2) DEFAULT 0.00,
    status ENUM('active','suspended','closed') DEFAULT 'active',
    kyc_status ENUM('none','pending','verified','rejected') DEFAULT 'none',
    registered_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    last_login_at TIMESTAMP NULL,
    INDEX idx_username (username),
    INDEX idx_email (email),
    INDEX idx_status (status)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

games

Game catalog with provider information and metadata.

CREATE TABLE games (
    id INT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
    provider_id INT UNSIGNED NOT NULL,
    external_id VARCHAR(100) NOT NULL,
    name VARCHAR(255) NOT NULL,
    slug VARCHAR(255) UNIQUE NOT NULL,
    category ENUM('slots','table','live','other') NOT NULL,
    subcategory VARCHAR(50),
    thumbnail_url VARCHAR(500),
    rtp DECIMAL(5,2),
    volatility ENUM('low','medium','high'),
    min_bet DECIMAL(10,2),
    max_bet DECIMAL(10,2),
    has_demo BOOLEAN DEFAULT TRUE,
    is_active BOOLEAN DEFAULT TRUE,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    INDEX idx_provider (provider_id),
    INDEX idx_category (category),
    INDEX idx_active (is_active),
    FOREIGN KEY (provider_id) REFERENCES providers(id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

transactions

Financial movements including deposits, withdrawals, bets, wins.

CREATE TABLE transactions (
    id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
    user_id BIGINT UNSIGNED NOT NULL,
    type ENUM('deposit','withdrawal','bet','win','bonus','refund') NOT NULL,
    amount DECIMAL(15,2) NOT NULL,
    balance_before DECIMAL(15,2) NOT NULL,
    balance_after DECIMAL(15,2) NOT NULL,
    currency_code CHAR(3) NOT NULL,
    status ENUM('pending','completed','failed','cancelled') DEFAULT 'pending',
    payment_method VARCHAR(50),
    external_transaction_id VARCHAR(255),
    reference_id VARCHAR(100),
    description TEXT,
    processed_at TIMESTAMP NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    INDEX idx_user (user_id),
    INDEX idx_type (type),
    INDEX idx_status (status),
    INDEX idx_created (created_at),
    FOREIGN KEY (user_id) REFERENCES users(id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

game_sessions

Active and historical game play sessions.

CREATE TABLE game_sessions (
    id BIGINT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
    user_id BIGINT UNSIGNED NOT NULL,
    game_id INT UNSIGNED NOT NULL,
    session_token VARCHAR(255) UNIQUE NOT NULL,
    mode ENUM('real','demo') NOT NULL,
    currency_code CHAR(3) NOT NULL,
    balance_start DECIMAL(15,2) NOT NULL,
    balance_end DECIMAL(15,2),
    total_bet DECIMAL(15,2) DEFAULT 0.00,
    total_win DECIMAL(15,2) DEFAULT 0.00,
    rounds_played INT DEFAULT 0,
    ip_address VARCHAR(45),
    user_agent TEXT,
    started_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    ended_at TIMESTAMP NULL,
    INDEX idx_user (user_id),
    INDEX idx_game (game_id),
    INDEX idx_token (session_token),
    FOREIGN KEY (user_id) REFERENCES users(id),
    FOREIGN KEY (game_id) REFERENCES games(id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

bonuses

Promotional bonuses and their conditions.

CREATE TABLE bonuses (
    id INT UNSIGNED PRIMARY KEY AUTO_INCREMENT,
    code VARCHAR(50) UNIQUE,
    name VARCHAR(255) NOT NULL,
    type ENUM('deposit_match','free_spins','cashback','no_deposit') NOT NULL,
    amount DECIMAL(15,2),
    percentage INT,
    max_bonus DECIMAL(15,2),
    min_deposit DECIMAL(15,2),
    wagering_requirement INT DEFAULT 0,
    valid_from TIMESTAMP,
    valid_until TIMESTAMP,
    max_uses INT,
    uses_count INT DEFAULT 0,
    is_active BOOLEAN DEFAULT TRUE,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    INDEX idx_code (code),
    INDEX idx_active (is_active)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;

Relationships

• users → transactions (one-to-many)
• users → game_sessions (one-to-many)
• users → user_bonuses (one-to-many)
• games → game_sessions (one-to-many)
• games → providers (many-to-one)
• bonuses → user_bonuses (one-to-many)

API Architecture

RESTful Endpoints

All endpoints follow REST principles with proper HTTP methods and status codes.

Authentication Flow

POST /api/v1/auth/login
{
    "username": "player123",
    "password": "secure_password"
}
Response:
{
"status": "success",
"data": {
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"expires_at": 1696089600,
"user": {
"id": 12345,
"username": "player123",
"balance": 1000.00,
"currency": "USD"
}
}
}

Request Authentication

All authenticated requests require bearer token in header:

Authorization: Bearer {jwt_token}

Response Format

Consistent JSON structure for all responses:

{
    "status": "success|error",
    "data": {},
    "message": "Human readable message",
    "errors": [],
    "timestamp": 1696089600
}

WebSocket Protocol

Connection Establishment

const socket = io('wss://yourdomain.com', {
    auth: {
        token: 'bearer_token_here'
    }
});

Event Channels

• balance.update – Real-time balance changes
• game.result – Game round outcomes
• bonus.awarded – Bonus notifications
• jackpot.update – Progressive jackpot values

Event Example

socket.on('balance.update', (data) => {
    console.log('New balance:', data.balance);
    // Update UI with new balance
});

Security Implementation

Authentication System

Password Security

• Bcrypt hashing with cost factor 12
• Minimum 8 characters requirement
• Password complexity validation
• Failed login attempt tracking
• Account lockout after 5 failed attempts

JWT Token Management

• HS256 signing algorithm
• 24-hour token expiration
• Refresh token rotation
• Token blacklist for logout
• IP address binding optional

Data Protection

Encryption

• AES-256 for sensitive data at rest
• TLS 1.3 for data in transit
• Database field-level encryption for PII

Input Validation

class DepositValidator {
    public function rules() {
        return [
            'amount' => 'required|numeric|min:10|max:10000',
            'method' => 'required|in:card,crypto,bank',
            'currency' => 'required|size:3|alpha'
        ];
    }
}

SQL Injection Prevention

All database queries use prepared statements:

$stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$userId]);
$user = $stmt->fetch();

XSS Prevention

Output escaping for all user-generated content:

echo htmlspecialchars($userInput, ENT_QUOTES, 'UTF-8');

CSRF Protection

Token validation on all state-changing requests:

<input type="hidden" name="csrf_token" value="">

Performance Optimization

Caching Strategy

Redis Implementation

• Session storage with 24-hour TTL
• Game catalog cache with 1-hour expiration
• User balance cache with 30-second TTL
• API response cache for GET requests

Cache Example

$redis = new Redis();
$redis->connect('127.0.0.1', 6379);
// Cache game data
redis->setex('game:' . $gameId, 3600, json_encode(
gameData));

// Retrieve cached data
$cached = $redis->get('game:' . $gameId);
if ($cached) {
return json_decode($cached, true);
}

Database Optimization

Query Optimization

• Indexed columns for frequent queries
• Composite indexes for multi-column searches
• Query result caching
• Connection pooling
• Read replica for reporting queries

Pagination Implementation

SELECT * FROM games 
WHERE is_active = 1 
ORDER BY created_at DESC 
LIMIT 50 OFFSET 0;

Asset Optimization

• JavaScript minification and bundling
• CSS preprocessing and compression
• Image optimization and lazy loading
• CDN integration for static assets
• Gzip compression enabled

Integration Points

Payment Gateway Integration

Supported Methods

• Credit/Debit cards via Stripe, Braintree
• Cryptocurrency via Coinbase Commerce, BitPay
• E-wallets via PayPal, Skrill, Neteller
• Bank transfers via Plaid, TrueLayer

Payment Flow

1. User initiates deposit
2. System creates transaction record (status: pending)
3. Redirect to payment gateway
4. Gateway processes payment
5. Webhook receives confirmation
6. System updates transaction (status: completed)
7. User balance credited
8. Confirmation email sent

Game Provider Integration

Provider Adapter Pattern

interface GameProviderInterface {
    public function authenticate(): bool;
    public function fetchGames(): array;
    public function launchGame(int $gameId, int $userId, string $mode): string;
    public function getBalance(int $userId): float;
    public function processCallback(array $data): void;
}

Implementation Example

class PragmaticPlayAdapter implements GameProviderInterface {
    public function launchGame($gameId, $userId, $mode) {
        $params = [
            'game_id' => $gameId,
            'user_id' => $userId,
            'mode' => $mode,
            'currency' => $this->getUserCurrency($userId)
        ];
    return $this->apiRequest('launch', $params);
}
}

Logging and Monitoring

Application Logging

Log Levels

• DEBUG: Detailed diagnostic information
• INFO: General informational messages
• WARNING: Warning messages for potential issues
• ERROR: Error messages for failures
• CRITICAL: Critical conditions requiring immediate attention

Log Format

[2024-09-30 14:23:45] LEVEL: Message
Context: {"user_id": 12345, "ip": "192.168.1.1"}
Trace: /path/to/file.php:123

System Monitoring

Metrics Tracked

• Request response time (p50, p95, p99)
• Database query performance
• Cache hit/miss ratio
• Error rate per endpoint
• Active user sessions
• Server resource usage (CPU, RAM, disk)

Alert Conditions

• Response time exceeds 3 seconds
• Error rate above 1% for 5 minutes
• Database connection pool exhausted
• Disk usage above 85%
• Failed payment webhook delivery

Backup and Recovery

Backup Strategy

Database Backups

• Full backup daily at 02:00 UTC
• Incremental backups every 6 hours
• Transaction log backups every 15 minutes
• 30-day retention period
• Off-site backup replication

Application Backups

• Code repository with Git version control
• Configuration files encrypted backup
• Uploaded files synced to object storage
• Weekly full application snapshot

Disaster Recovery

RTO and RPO Targets

• Recovery Time Objective: 4 hours
• Recovery Point Objective: 15 minutes

Recovery Procedure

1. Provision new server infrastructure
2. Restore latest database backup
3. Apply transaction logs since backup
4. Deploy application code from repository
5. Restore configuration files
6. Verify system functionality
7. Update DNS records
8. Monitor for stability

Scalability Considerations

Horizontal Scaling

• Load balancer distribution across multiple web servers
• Stateless application design for server redundancy
• Session storage in Redis cluster
• Database read replicas for query distribution

Vertical Scaling

• Increased CPU cores for processing capacity
• Additional RAM for caching and performance
• NVMe storage for database performance
• Network bandwidth upgrades

Microservices Architecture

Platform can be decomposed into independent services:

• User service (authentication, profile management)
• Game service (catalog, session management)
• Payment service (transactions, gateway integration)
• Bonus service (promotions, rewards)
• Reporting service (analytics, statistics)