Core Platform v1.2.0 Stable

Platform Architecture

A modular, high-performance framework for building AI-powered applications with integrated session management, secure storage, and cloud-native capabilities.

Explore Source Quick Start

System Design

/architecture

Application Layer

User-facing logic & UI Integration

↓

Platform Services

Thread Pool

Usage Tracking

User Settings

↓

Interface Layer

Storage API

Auth API

Cloud API

↓

Implementation Layer

File System

HSQL DB

AWS SDK

Session Management

The platform uses a structured session ID system to isolate global resources from user-specific data.

G- Global sessions (Shared)
U- User sessions (Private)

kotlin

// Create new sessions
val globalSession = Session.newGlobalID()
val userSession = Session.newUserID()

// Parse and validate
val session = Session.parseSessionID("G-20231215-AbC1")

User Identity

The User data class encapsulates authenticated identity and credentials.

kotlin

val user = User(
    email = "user@example.com",
    name = "John Doe",
    id = "user123",
    picture = "https://example.com/avatar.jpg"
)

Storage Architecture

Physical persistence is handled via DataStorage, organizing data into a predictable hierarchy.

data/

├── global/ # Shared sessions

└── 2023-12-15/AbC1/

├── user-sessions/ # Private data

└── user@example.com/

└── users/ # User profiles

kotlin

// Store session state
dataStorage.setJson(user, session, "config.json", myConfig)

// Update chat history
dataStorage.updateMessage(user, session, "msg-1", "Hello")

Metadata (titles, message order) is managed separately via HSQLMetadataStorage for fast querying.

Authorization Model

Cognotik uses a file-based permission system located in /permissions/. Access is evaluated based on user identity or domain.

user@example.com

Specific user access

@company.com

Domain-wide access

.

Any authenticated user

*

Public access (Anonymous)

Resource Permissions

/permissions/read.txt — Global read access
/permissions/write.txt — Global write access
/permissions/com/example/app/read.txt — App-scoped access

AWS Integration

The AwsPlatform provides S3-based sharing and KMS-based encryption for enterprise deployments.

kotlin

val awsPlatform = AwsPlatform(
    bucket = "cognotik-data",
    region = Region.US_EAST_1
)

// Encrypt sensitive data with KMS
val encrypted = awsPlatform.encrypt(data, kmsKeyArn)

Developer Best Practices

🛡️

Resource Isolation

Always use the ThreadPoolManager to get pools scoped to a session. This prevents one session from starving others of CPU resources.

threadPoolManager.getPool(session, user)

⚠️

Error Handling

Validate session IDs at the entry point of every service call to prevent directory traversal or unauthorized access.

Session.validateSessionId(id)

⚡

Configuration

Lock the ApplicationServicesConfig after initialization to prevent runtime modification of core service providers.

ApplicationServicesConfig.isLocked = true

🚀 Quick Start: Initializing the Platform

kotlin

// 1. Set data root
ApplicationServices.dataStorageRoot = File("/var/lib/cognotik")

// 2. Initialize services
val storage = ApplicationServices.fileApplicationServices().dataStorageFactory(dataDir)

// 3. Lock config
ApplicationServicesConfig.isLocked = true