# Message server

## Running
### Starting servers
Server ID (`SERVER_ID`) and remote servers (`SERVERS`) are provided as environment variables along with shared auth key (`AUTH_KEY`).

#### Server 1
```bash
SERVER_ID=1 SERVERS="2:localhost:4001" PORT=4000 AUTH_KEY=your_secret_shared_key mix run --no-halt
```

#### Server 2
```bash
SERVER_ID=2 SERVERS="1:localhost:4000" PORT=4001 AUTH_KEY=your_secret_shared_key mix run --no-halt
```

### Sending messages
#### From Server 1
```curl
curl -X POST http://localhost:4000/api/messages -H "Content-Type: application/json" -d '{"from": "1-bender", "to": "1-zoidberg", "message": "Dreams are where elves and gnomes live!"}'
```

```curl
curl -X POST http://localhost:4000/api/messages -H "Content-Type: application/json" -d '{"from": "1-bender", "to": "2-nibbler", "message": "Bite my shiny metal ass!"}'
```

#### From Server 2
```curl
curl -X POST http://localhost:4001/api/messages -H "Content-Type: application/json" -d '{"from": "2-nibbler", "to": "1-bender", "message": "I am Nibbler, agent of the Nibblonian fleet."}'
```

### Notes on queueing failed messages
When messages fail to be delivered they are queued for retry at 30 second interval with a maximum of 5 retries by default (can be configured)

## Security
This application uses a shared auth key (`AUTH_KEY`) to authenticate requests between servers. The key is provided as an environment variable and must be the same on all servers.

## Next steps

### Security - HTTPS with client certificates
HTTPS with client certificates should be implemented to ensure secure communication between servers and prevent unauthorized access and possible man-in-the-middle attacks.

### Testing
Full suite of unit tests should be implemented to ensure the correctness of the application's logic and behavior.

### Message Queue
Finish implementation of Message Queue to queue failed messages for retry