A production-grade recruitment platform built with microservices, event-driven architecture, and AI — deployed on AWS EC2 with full CI/CD automation.
JobVyn connects Recruiters and Candidates through a subscription-based hiring platform. Recruiters post jobs under verified companies. Candidates subscribe and apply — triggering async workflows for resume processing, email notifications, and AI-powered career insights.
Built to go beyond a typical CRUD app — every architectural decision reflects real engineering tradeoffs.
All traffic enters through a central API Gateway that handles routing, JWT verification, rate limiting (Redis), and unique request tracing (UUID) before any service is touched.
| Service | Responsibility | Key Tech |
|---|---|---|
| Gateway | Single entry point — routing, rate limiting, request tracing, JWT verification | Express, Redis, http-proxy-middleware |
| Auth | Registration, login, JWT issuance, password reset | JWT, bcrypt, Kafka producer, Redis |
| User | Candidate profiles, subscriptions, job applications | PostgreSQL, Redis cache |
| Job | Company creation, job posting lifecycle | PostgreSQL, Kafka producer |
| Payment | Razorpay webhook verification, subscription activation | Razorpay, PostgreSQL |
| Utils | Async event consumer — email delivery, AI resume analysis, career guidance | Kafka consumer, Gemini API, Nodemailer, Cloudinary |
The gateway uses a service registry pattern — each service is registered with a URL prefix and an internal target URL. Incoming requests are matched by prefix and proxied forward, with originalUrl preserved so services own their full path internally.
| Prefix | Service |
|---|---|
/api/auth |
Auth Service |
/api/user |
User Service |
/api/job |
Job Service |
/api/payment |
Payment Service |
/api/utils |
Utils Service |
Public routes (JWT skipped): /api/auth/login, /api/auth/register, /api/job, /health
Every proxied request gets an x-request-id UUID header injected for end-to-end tracing. Responses carry x-gateway-proxy and x-proxied-service headers. Rate limit state is exposed via X-RateLimit-limit, X-RateLimit-remaining, and X-RateLimit-ttl response headers. Service unavailability returns a structured 502 with the request ID.
Event-driven with Kafka — Auth, Job, and User services produce events. The Utils service consumes them asynchronously, keeping services decoupled and non-blocking.
Redis for rate limiting and caching — The gateway enforces per-IP rate limits using Redis INCR with sliding TTL windows. User service caches frequently read profile data to reduce DB load.
AI integration — The Utils service calls Google Gemini API to analyse uploaded resumes and generate personalised career guidance for candidates.
JWT with role-based access — Tokens carry role claims (recruiter/candidate). The gateway validates and forwards identity context so downstream services never re-verify.
Containerised and deployed — Every service ships as a Docker image, built and pushed to Docker Hub via GitHub Actions on every push to main, then pulled and restarted on AWS EC2.
Backend — Node.js, TypeScript, Express 5, PostgreSQL (Neon), Redis, KafkaJS
Frontend — Next.js 16, React 19, TypeScript, Tailwind CSS v4, shadcn/ui (Radix UI)
Infrastructure — Docker, AWS EC2, GitHub Actions CI/CD, Docker Hub
Integrations — Razorpay, Google Gemini API, Cloudinary, Nodemailer, JWT
jobvyn/
├── backend/
│ ├── gateway/ # API Gateway — routing, rate limiting, tracing
│ ├── auth/ # Authentication & JWT
│ ├── user/ # Profiles, subscriptions, applications
│ ├── job/ # Companies & job listings
│ ├── payment/ # Razorpay payment handling
│ └── utils/ # Async consumer — AI, email, file storage
└── frontend/ # Next.js candidate & recruiter UI
Unit tests are integrated for the Auth Service using Jest and ts-jest, with all external dependencies (PostgreSQL, Redis, Kafka, Axios) fully mocked.
| Service | Test File | Coverage |
|---|---|---|
| Auth | backend/auth/src/test/unit/loginUser.unit.test.ts |
loginUser — 7 unit tests covering missing fields, user not found, wrong password, successful login, password not leaked, null skills normalisation |
# Run auth service unit tests
cd backend/auth && npm testPush to main → GitHub Actions builds Docker images for all 6 services → pushes to Docker Hub → SSH into AWS EC2 → pulls latest images → restarts containers.
Zero manual deployment steps.
Built by Arun Kumar — Backend Engineer