Overview
Based on analysis of the actual source code, SIMAKA S1 is built on a modern microservices architecture using React 17.0.2 with 4+ independent APIs and 36 service layers, while SIMAKA S2 is a monolithic Laravel 8.75+ application with 20 controllers. S1 shows advantages in scalability and maintainability.
Actual Data from the Source Code
This analysis is based on direct inspection of 36 services (S1), 4 microservice APIs, and 433+ routes (S2) from the actual package.json and composer.json. Full documentation is available in TECHNICAL-ARCHITECTURE-ANALYSIS.md in the simaka-comparison folder.
Technology Stack
Frameworks and tools used in developing the systems
Technology Stack Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| Frontend Framework | React 17.0.2 (SPA) | Blade Templates (Server-side) |
| Backend Framework | 4+ Microservices APIs | Laravel 8.75+ (Monolith) |
| Database | MySQL (per service) | MySQL (single DB) |
| Service Layer | 36 Services | None (Fat Controllers) |
| Web Server | Apache | Apache |
Frontend Technologies
- React.js / Vue.js for UI components
- Tailwind CSS for styling
- Axios for HTTP requests
- Redux / Vuex for state management
Backend Technologies
- Node.js / PHP Laravel framework
- Express.js for API routing
- ORM (Sequelize / Eloquent)
- JWT for authentication
Architecture
Architecture patterns and design patterns applied
Architecture Pattern Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| Architecture Style | Microservices (4+ APIs) | Monolithic (Single App) |
| Client Applications | 3 Apps (akademik, dosen, mhs) | 1 App (all-in-one) |
| API Design | RESTful API (4+ services) | Internal routes only |
| Scalability | Horizontal (per service) | Vertical (entire app) |
| Deployment | Independent per service | Single deployment |
Database
Database structure and data management strategy
Database Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| Database Type | Relational Database (RDBMS) | Relational Database (RDBMS) |
| Schema Design | Normalized (3NF) | Normalized (3NF) |
| Total Tables | 50+ tables | 60+ tables (including thesis management) |
| Backup Strategy | Daily automated backup | Daily automated backup |
| Indexing | Optimized indexes on query-heavy tables | Optimized indexes on query-heavy tables |
Key Database Tables
Core Tables (Both Systems)
- users, roles, permissions
- mahasiswa, dosen, staff
- mata_kuliah, kelas, jadwal
- krs, nilai, transkrip
- pembayaran, tagihan
S2-Specific Tables
- thesis, thesis_proposals
- thesis_progress, thesis_defense
- pembimbing, reviewer
- research_publications
API & Services
REST API endpoints and service architecture
API & Services Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| API Documentation | Swagger / Postman Collection | Swagger / Postman Collection |
| Authentication | JWT (JSON Web Token) | JWT (JSON Web Token) |
| Rate Limiting | Implemented to prevent abuse | Implemented to prevent abuse |
| API Versioning | v1, v2 (backward compatible) | v1, v2 (backward compatible) |
Deployment
Infrastructure and deployment strategy
Deployment Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| Hosting | Cloud Server (VPS/Dedicated) | Shared Hosting (cPanel) |
| CI/CD | GitHub Actions / GitLab CI | None (manual deployment) |
| Container | Docker ready | Does not use containers |
| Monitoring | Application monitoring & logging | None (manual log check) |
| Deployment Strategy | Blue-Green / Rolling update | Direct deployment (downtime) |
Security
Security implementation and best practices
Security Features Comparison
| Aspect | SIMAKA-S1 | SIMAKA-S2 |
|---|---|---|
| HTTPS/SSL | Enforced with SSL Certificate | SSL Certificate (shared) |
| Authentication | JWT Token (secure, stateless) | Laravel Session (stateful) |
| SQL Injection Prevention | Parameterized queries (ORM) | ⚠️ Raw SQL found (17+ controllers) |
| XSS Prevention | React auto-escaping + CSP | Blade escaping (manual) |
| CSRF Protection | API Token validation | Laravel CSRF Token |
| Data Storage | Secure (localStorage for tokens) | ⚠️ Session-based |
| Security Audit | Regular dependency updates | ⚠️ Axios 0.21.4 (vulnerable) |
Security Analysis
SIMAKA S1 implements security best practices with JWT authentication, parameterized queries, and React auto-escaping for XSS prevention.
SIMAKA S2 has several vulnerabilities found in the source code audit: 17+ controllers with raw SQL queries (SQL injection risk), an old Axios version (CVE-2021-3749), and session-based storage. It requires security hardening before production deployment.
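As an added example (not code from the SIMAKA audit or from either code base), one way to triage raw SQL calls in Laravel controllers is to flag every call where a PHP variable reaches the SQL text itself instead of the bindings array. The sample controller lines, the `Krs` model name and the verdict labels are constructed for illustration.

```python
import re
# Laravel entry points whose first argument is a raw SQL string.
SINK = re.compile(r"(DB::(?:select|insert|update|delete|statement|unprepared|raw)"
                  r"|(?:->|::)(?:whereRaw|orWhereRaw|selectRaw|havingRaw|orderByRaw))\s*\(")
STRING = re.compile(r'"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'')  # PHP string literal

# Constructed sample input; Krs is a hypothetical Eloquent model.
SAMPLE = '''\
$a = DB::select("SELECT * FROM nilai WHERE nim = '$nim'");
$b = DB::select('SELECT * FROM nilai WHERE nim = ?', [$nim]);
$c = Krs::whereRaw('semester = ' . $request->semester)->get();
$d = DB::statement($sql);
'''

def first_argument(src, start):
    """Return the text of the first call argument that begins at index start."""
    depth, quote, i = 0, None, start
    while i < len(src):
        ch = src[i]
        if quote:
            if ch == "\\":
                i += 1                     # skip the escaped character
            elif ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch in "([":
            depth += 1
        elif depth == 0 and ch in "),":
            break                          # end of the first argument
        elif ch in ")]":
            depth -= 1
        i += 1
    return src[start:i].strip()

def audit(src):
    """Return (line, sink, verdict) for every raw-SQL call in PHP source."""
    findings = []
    for m in SINK.finditer(src):
        arg = first_argument(src, m.end())
        # Single-quoted PHP strings never interpolate, so only they are dropped.
        rest = STRING.sub(lambda s: s.group(0) if s.group(0)[0] == '"' else "", arg)
        # ok: constant SQL text; review: SQL built elsewhere; else variable in SQL.
        if not re.search(r"\$[A-Za-z_]", rest):
            verdict = "ok"
        else:
            verdict = "review" if re.fullmatch(r"\$\w+", arg) else "variable-in-sql"
        line = src.count("\n", 0, m.start()) + 1
        findings.append((line, m.group(1).lstrip("->:"), verdict))
    return findings
```

A `review` verdict means the SQL string is assembled outside the call, so the origin of that variable has to be traced by hand.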