Divya Jyotish

The original prototype used JSONBin.io for data storage, which had severe limitations in querying, security, and scalability. The platform needed a proper backend with relational data modeling for complex astrological calculations, secure user authentication with device-level licensing, and support for both desktop and web interfaces from a single backend.

We rebuilt the entire backend with PHP and MySQL, implementing a REST API with JWT-based authentication with 30-day user tokens and 4-hour admin tokens. We designed a 7-table MySQL schema supporting users, devices, licenses, and astrological data. Device licensing uses hardware binding for piracy prevention with rate limiting and prepared statements for security.

The PHP REST API handles all business logic including user authentication via time-based passwords, JWT generation and validation, device licensing with hardware fingerprinting, and astrological calculations. MySQL stores all data with transactional integrity. Admin sessions are short-lived at 4 hours for security.

Users download the desktop application or access the web version. They register with a time-based HH:MM password system, receive a JWT token valid for 30 days, and their device is registered via hardware binding. The admin approves licenses through the queue system. Once active, users access 20+ astrological modules including Kundali, Gochar, Prashna, Panchang, Vivah Milan, and more.

We performed the complete migration from JSONBin.io to a production PHP/MySQL backend. We designed the database schema, implemented JWT authentication, built the device licensing system, created the REST API, and developed the admin panel for full system oversight.

The platform now serves both web and desktop applications from a single, secure backend. The registration queue system manages new user onboarding, and the admin panel provides full oversight of users, devices, licenses, and system health.

The backend uses vanilla PHP with prepared statements for all database operations. JWT tokens are generated and validated using HMAC-SHA256. The REST API features rate limiting, IP-based access control, and comprehensive error handling. The desktop application is built with Electron consuming the same API.