Phase 1: Quickslice Architecture Assessment #90
Description
Phase 1: Quickslice Architecture Assessment
Research and understand Quickslice's capabilities to make informed decisions before implementation.
Objectives
- Understand Quickslice's exact GraphQL schema for our data types
- Understand how Quickslice handles OAuth and sessions
- Understand how Quickslice writes records to AT Protocol PDS
- Identify all breaking changes and compatibility issues
- Make critical architectural decisions
Critical Questions to Answer
OAuth & Authentication
- Does Quickslice provide full OAuth flow or just token management?
- What session token format does Quickslice use?
- How do we attach session tokens to GraphQL requests?
- Can we keep AT Protocol OAuth or must we use Quickslice OAuth?
- What happens to existing user sessions during migration?
GraphQL Schema
- Does Quickslice auto-generate schema from our Lexicon files?
- What is the exact GraphQL type for each Lexicon record?
- How do we query records? (byDid? byHandle? byRkey?)
- What mutations are available? (create, update, delete?)
- How do nested objects map? (e.g., location inside affiliation)
- How do references work? (e.g., DOI resolution)
Database & Persistence
- What database does Quickslice use? (Neon? External?)
- Do we control the schema or does Quickslice own it?
- How do we migrate existing data?
- Can we run custom queries or only GraphQL?
- How does Quickslice handle migrations/schema changes?
PDS Integration
- When we create a record via GraphQL, is it automatically written to PDS?
- Can we verify records were written to Bluesky?
- How are DID and Repo handled? (auto from session?)
- What's the latency for PDS writes?
- Can we handle PDS write failures?
Session Management
- How does Quickslice store sessions?
- What's the session expiry duration?
- How do we refresh expired sessions?
- Can we maintain HTTP-only cookies?
- How do we log out?
Deliverables
-
Quickslice API Documentation Review
- Read official docs thoroughly
- Map GraphQL schema to our lexicons
- Document all breaking changes
-
Proof of Concept
- Set up Quickslice client
- Authenticate with Quickslice OAuth
- Execute sample GraphQL query
- Verify record write to PDS
-
Decision Document
- Answer all critical questions above
- Make decisions on:
- OAuth strategy (Quickslice vs AT Protocol)
- Session token storage
- GraphQL client library
- Database ownership model
- Document migration timeline risks
-
Implementation Checklist
- Break down Phase 2 work into specific tasks
- Identify dependencies between tasks
- Update timeline if needed
- Create sub-issues for Phase 2
Blocking Criteria
Do NOT proceed to Phase 2 until:
- All critical questions above are answered
- Proof of concept working (auth → GraphQL query → PDS verify)
- All decisions documented and approved
- Timeline validated with actual testing
- Any showstoppers identified and solutions proposed
Success Metrics
- Complete understanding of Quickslice capabilities
- Clear decision on all 4 critical architectural choices
- Working POC demonstrating OAuth + GraphQL + PDS write flow
- Detailed task breakdown for Phase 2
- No unknown unknowns
Estimated Duration
1-2 weeks depending on Quickslice documentation quality and learning curve
Next Issue
Once Phase 1 is complete:
→ #90: Phase 2: Authentication Migration (OAuth + Sessions)