Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Introduction

Welcome to the progress book for the Student Part-Time Job Portal — a full-stack web platform that connects students looking for part-time work with employers who want to hire them.

About the project

The portal is built as a workspace-based monorepo with two main applications:

  • Backend — a NestJS API backed by PostgreSQL (via TypeORM), providing authentication, user/profile management, job posts and applications, real-time notifications, messaging, and a recruitment pipeline.
  • Frontend — a Vue 3 + Vite single-page application written in TypeScript, styled with a Material Design 3 token system and fully internationalized across six locales.

Supporting pieces include a standalone file service for media uploads, payload encryption for sensitive auth traffic, passkey (WebAuthn) login, and a CI/CD pipeline that builds and deploys everything — including this book — through GitHub Actions and GHCR.

Key features

  • Session-based and passkey (WebAuthn) authentication with encrypted payloads.
  • Role-aware student and employer profiles unified in a single profile module.
  • Job posting, search, discovery filtering, applications, and a skill-matching recommendation engine.
  • A recruitment pipeline: applicant tracking, offer responses, and interview stages, with email and real-time notifications.
  • A social layer: posts with likes/comments/shares, follows, stories, and direct messaging.

About this book

This book documents the project’s development week by week, rebuilt from the git commit history. Each entry is titled Week N - dd.month.yyyy and covers what was built that week, the outcome, and the main challenge the team worked through. Use the Table of Contents for a high-level map, or jump straight into the weekly entries from the sidebar.

Table of Contents

A week-by-week map of the project’s development. Each week links to its full entry and summarizes the focus and the main challenge.

WeekDateFocusChallenge
121.March.2026Monorepo & scaffoldingStanding up a clean backend + frontend monorepo with shared tooling
228.March.2026Auth UI & student onboardingDesigning onboarding UI/state ahead of the backend API
304.April.2026Backend auth & file uploadsSecure session auth and Multer-based file handling
418.April.2026User profiles & navigationModeling distinct student vs. employer profiles cleanly
525.April.2026Database, notifications & profilesWiring TypeORM/Postgres plus real-time WebSocket notifications
602.May.2026TypeScript, Material, passkeys, posts & i18nA large multi-front migration, WebAuthn, and six locales at once
709.May.2026Applications, encryption & deploymentRSA/AES payload encryption interop and the CI/CD pipeline
816.May.2026Profiles, follows, stories & messagingConsolidating profiles while adding a whole social layer
923.May.2026Password recovery & identitySecure email-OTP recovery and a reworked registration flow
1006.June.2026Email, mobile & recruitment pipelineKeeping the shared-state recruitment pipeline consistent end to end
1113.June.2026Matching, discovery & docs deploymentTuning the matching algorithm and deploying the book itself

Week 1 - 21.March.2026

Progress: Project Kickoff — Monorepo & Scaffolding

The first week established the foundation of the Student Part-Time Job Portal by setting up a workspace-based monorepo and scaffolding the backend and frontend applications, plus the documentation book itself.

What was done

  • Initialized a workspace-based monorepo using npm, configuring the root package.json to manage backend and frontend as separate workspaces.
  • Scaffolded the backend as a NestJS application under backend/ (controllers, modules, services, nest-cli.json, tsconfig.json, eslint.config.mjs).
  • Scaffolded the frontend as a Vue.js + Vite application under frontend/.
  • Added convenience scripts in the root package.json to start both services.
  • Added the progress_book mdBook documentation with its initial chapter and book.toml configuration.

Project structure at the end of the week

.
├── backend/            # NestJS API
├── frontend/           # Vue.js + Vite frontend
├── progress_book/      # Documentation (mdBook)
├── package.json        # Root workspace configuration
└── node_modules/       # Shared dependencies

Challenge

The main challenge was establishing a clean monorepo structure that lets the NestJS backend and the Vue + Vite frontend live side by side while sharing a single dependency tree. Getting the workspace configuration, scripts, and tooling to cooperate — without the two stacks stepping on each other — set the tone for the rest of the project.

Commits this week

  • Init project with backend and frontend as Monorepo.
  • Add progress book documentation with initial chapter and configuration.

Week 2 - 28.March.2026

Progress: Authentication UI & Student Onboarding

With the scaffolding in place, work focused on the frontend authentication experience and the student onboarding flow.

What was done

  • Built the authentication UI and wired up client-side state with Pinia, supporting login/register mode switching and role selection.
  • Redesigned the student setup (onboarding) screen with a multi-card layout and an interactive weekly-availability grid.
  • Merged the profile-setup work into main.

Outcome

The frontend can now collect credentials and capture a student’s basic profile and availability during onboarding, backed by a Pinia auth store.

Challenge

Building a polished authentication and onboarding experience before the backend auth API existed meant designing the UI and Pinia state around contracts that were still being defined. The trickiest part was the multi-card student setup with its interactive weekly-availability grid, which had to stay intuitive while capturing structured, schedule-style data.

Commits this week

  • Task 12 — Frontend: Build Auth UI & Pinia State.
  • feat(onboarding): redesign StudentSetup with multi-card layout and availability grid.
  • Merge pull request #2 (feat/task14-profile-setup).

Week 3 - 04.April.2026

Progress: Backend Authentication & File Uploads

This week delivered the first working backend authentication implementation and the file-upload foundation needed for resumes/CVs.

Authentication (NestJS)

  • Added the AuthModule, AuthController, and AuthService with endpoints for registration, login, logout, and the current-session profile.
  • Implemented stateful, session-based authentication using express-session.
  • Added an AuthenticatedGuard to protect routes via session validation.
  • Added bcrypt and express-session dependencies with their TypeScript typings.

File uploads

  • Added the UploadModule and UploadController with single- and multiple-file upload endpoints, configured with Multer.
  • Added @nestjs/platform-express and @types/multer dependencies.

Outcome

The backend now supports a complete session-based auth cycle and can accept file uploads, laying the groundwork for CV handling.

Challenge

The hard part this week was making session-based authentication actually secure and reliable: hashing passwords with bcrypt, persisting sessions with express-session, and guarding routes so only authenticated requests pass. In parallel, configuring Multer for single- and multiple-file uploads required careful handling of file types and limits to prepare for CV/resume storage.

Commits this week

  • Add AuthModule / AuthController / AuthService / AuthenticatedGuard.
  • Add session management with express-session in main bootstrap function.
  • Implement authentication with stateful server + session id.
  • Add UploadModule / UploadController with Multer configuration.
  • Setting up the file upload for Project.

Week 4 - 18.April.2026

Progress: User Profiles & Site Navigation

This week introduced shared site navigation and the first role-aware user/profile domain models on the backend.

What was done

  • Added Navbar and Footer components to establish a consistent site layout.
  • Implemented the user module with separate profile handling for the employer and student roles.
  • Refactored shared backend code into a common folder for reuse across modules.
  • Added supporting backend dependencies and updated the lockfile.

Outcome

The backend now distinguishes student and employer profiles at the data level, and the frontend has reusable navigation chrome.

Challenge

The challenge was modeling two fundamentally different user types — students and employers — within one coherent user domain. Deciding how much profile logic to share versus separate, and refactoring common code into a reusable folder without creating a tangled dependency graph, took careful design so the model could grow cleanly later.

Commits this week

  • Add Navbar and Footer components to enhance site layout.
  • implement user module and profile for employer and student module separated.
  • refactor common folder location.
  • Add backend dependencies and update package-lock.json.

Week 5 - 25.April.2026

Progress: Database Integration, Real-Time Notifications & Student Profiles

This week connected the application to a real database, added real-time notifications, and persisted student profiles. The first formal status review of the product requirements was also recorded.

Database & infrastructure

  • Installed TypeORM and configured a global database connection.
  • Integrated TypeORM with PostgreSQL, centralized .env configuration, and replaced axios with a custom API utility in the frontend auth store.
  • Added a Docker setup with a Postgres service and a persistent data volume.
  • Consolidated dependencies into the root package.json.

Real-time notifications

  • Added a real-time notification system using WebSockets (Task 29).

Student profiles

  • Added the student profile module with DTOs, controller, service, and API integration.
  • Enhanced student profile handling with new fields, improved save logic, and error handling across the frontend and backend.

Status review (01.May.2026)

  • Recorded the current implementation status against the Student Part-Time Job Portal requirements, documenting progress on authentication, student/employer features, admin/moderation, and the next-priority recommendations.

Challenge

Moving from in-memory data to a real PostgreSQL database via TypeORM surfaced the usual integration pain: connection configuration, centralizing .env settings, and standing up Postgres in Docker with a persistent volume. On top of that, adding real-time WebSocket notifications meant managing live connections and events alongside the request/response API, while keeping student-profile persistence consistent across the frontend and backend.

Commits this week

  • feat: add real-time notification system / websocket notifications (Task 29).
  • fix: install typeorm and configure global database connection.
  • Add Docker setup with Postgres service and data volume.
  • Integrate TypeORM with PostgreSQL, centralize .env, replace axios with API util.
  • Add student profile module with DTOs, controller, service, and API integration.
  • Document current implementation status and pending features.

Week 6 - 02.May.2026

Progress: TypeScript Migration, Material Design, Passkeys, Posts & i18n

This was a large week: the frontend was migrated to TypeScript, restyled with a Material Design 3 system, and gained passkey authentication, a social posts feed, a dedicated file service, employer job posting, and multi-language support.

Frontend platform & design

  • Migrated the frontend codebase from JavaScript to TypeScript and replaced jsconfig.json with a modular TypeScript configuration.
  • Refactored navigation to use RouterLink and added static pages for Privacy Policy, Terms of Service, About Us, and Contact.
  • Redesigned the landing page with Material Design 3, introduced a global design token system with light/dark themes, and added a useThemeMode composable.

Authentication

  • Implemented passkey (WebAuthn) authentication: registration, login, and management, backed by a dedicated PasskeyCredential entity.
  • Extended the User entity with the passkey credentials relationship and added bearer-token support to the Axios-based API layer alongside session credentials.

Social posts & file service

  • Added the PostsModule with CRUD functionality and pagination for posts.
  • Integrated the SheepFileService and a standalone file_service for file upload, listing, downloading, and streaming.
  • Introduced a friendly TipTap-based post editor with sanitized markdown rendering and image upload handling.

Employer & internationalization

  • Implemented a job posting form for employers.
  • Implemented full bilingual (EN/KM) support and later added French, Japanese, Simplified Chinese, and Traditional Chinese locale files.
  • Implemented search & filtering for the job feed and a student-facing job detail page.

Challenge

This was the most demanding week of the project, juggling several hard problems at once. Migrating the entire frontend from JavaScript to TypeScript without breaking existing features required disciplined, incremental typing. Implementing passkey (WebAuthn) authentication brought low-level credential and challenge handling, and rolling out six locales (EN/KM/FR/JA/zh-Hans/zh-Hant) demanded a scalable i18n structure — all while introducing a Material Design 3 theme system and a social posts feed with a markdown editor.

Commits this week (selection)

  • Migrate the frontend codebase to TypeScript; add static info pages.
  • Redesign LandingPage with Material Design 3; add theme tokens and useThemeMode.
  • Implement passkey authentication and PasskeyCredential entity.
  • Add PostsModule (CRUD + pagination) and SheepFileService / file_service.
  • Implement employer job posting form.
  • Implement full bilingual support (EN/KM) and additional locales.

Week 7 - 09.May.2026

Progress: Job Applications, Payload Encryption, Social Engagement & Deployment

This week added the job application flow, secured the auth payloads with encryption, enriched posts with social engagement, and set up the CI/CD deployment pipeline.

Job applications & notifications

  • Implemented the job application flow end-to-end.
  • Completed end-to-end integration of the automated real-time notifications engine.

Security

  • Integrated payload encryption for authentication endpoints with a PayloadEncryptionService (RSA-OAEP + AES-GCM) and an EncryptedPayloadDto.
  • Added matching frontend payloadEncryption.ts so login/register payloads are encrypted before transport.
  • Added session management using connect-typeorm with a SessionEntity.

Social engagement

  • Added likes, comments, shares, and bookmarks APIs and UI for posts.
  • Added the missing socket.io-client dependency.
  • Reworked the search section in the placeholder view with role filters and dynamic results.

Deployment pipeline

  • Built out the GitHub Actions deploy workflow: Docker Buildx, multi-platform builds, GHCR image publishing, and podman-compose-based remote deployment, with the image repository name derived dynamically from GITHUB_REPOSITORY.
  • Upgraded backend/frontend Dockerfiles to node:26-alpine.

Challenge

The standout challenge was end-to-end payload encryption: getting RSA-OAEP plus AES-GCM to interoperate correctly between the browser (payloadEncryption.ts) and the NestJS PayloadEncryptionService, so encrypted login/register payloads decrypt reliably. Standing up the CI/CD pipeline was equally fiddly — Docker Buildx, multi-platform builds, GHCR publishing, and podman-compose deployment took many iterations to get the image-repository naming and remote steps right.

Commits this week (selection)

  • feat: implement job application flow.
  • feat: complete end-to-end integration of automated real-time notifications engine.
  • Integrate payload encryption (RSA-AES) for authentication endpoints.
  • feat(posts): add likes, comments, shares, bookmarks API and UI.
  • Add Docker Buildx setup and multi-platform builds in the deploy workflow.
  • Add session management using connect-typeorm and SessionEntity.

Week 8 - 16.May.2026

Progress: Profile Consolidation, Follows, Stories & Messaging

This week unified profile handling into the user module and expanded the social side of the platform with follows, stories, and direct messaging.

Profile consolidation

  • Migrated student and employer profile functionality into a unified Profile module with shared DTOs, services, and controllers, removing redundant modules and entities.
  • Added reusable BaseModal and ProfileModal components for viewing user details.
  • Added Pinia stores for posts and profiles to centralize state management.

Social graph & content

  • Added the follows module (follow/unfollow, follower/following queries, REST endpoints).
  • Added the stories module with creation, retrieval, deletion, and media upload, plus AddStoryModal, StoryViewerModal, a dynamic StoryStrip, and a story Pinia store.
  • Added the messages module with a messaging entity, contact retrieval, and chat history, surfaced through a MessagesSection.

Other improvements

  • Stored the user role in the session and included it in the authenticated guard for role-based access.
  • Added semantic AI match-score breakdowns, interactive feed filters, a PDF resume generator, and backend throttler/rate-limiter security.
  • Persisted the user-selected locale in localStorage.
  • Added drag-and-drop logo upload to the employer setup; began identity verification with student ID-card upload to admin.

Challenge

Consolidating the previously separate student and employer profile code into one unified Profile module — while deleting redundant modules and entities — risked breaking existing flows, so the refactor had to be done carefully. At the same time, building out the social graph (follows), ephemeral stories with media upload, and real-time direct messaging meant designing several new, interrelated features and Pinia stores without destabilizing the rest of the app.

Commits this week (selection)

  • Migrate student/employer profile functionality into a unified Profile module.
  • Add follows module / stories module / messages module.
  • Add Pinia stores for posts and profiles; add BaseModal and ProfileModal.
  • Implement semantic AI match-score breakdowns and backend rate limiter.
  • update student registration including upload id card to admin.

Week 9 - 23.May.2026

Progress: Password Recovery & Identity Verification

This week focused on account recovery and a modernized, trust-aware registration experience.

What was done

  • Implemented forgot-password for users, sending an OTP verification to the user’s email.
  • Modernized the registration flow to bypass onboarding and integrated an identity verification system with trust badges.
  • Fixed an outstanding build error introduced during the registration rework.

Outcome

Users can now recover access through email OTP, and new accounts go through a streamlined, identity-verified registration with visible trust badges.

Challenge

Implementing a secure forgot-password flow with email OTP delivery introduced external email integration and time-limited verification logic that had to be both safe and user-friendly. Modernizing registration to bypass onboarding while weaving in identity verification and trust badges reshaped a core flow — and it broke the build, which then had to be tracked down and fixed.

Commits this week

  • implement forgot password for user with sending otp verification with user email.
  • modernize registration flow, bypass onboarding, and integrate identity verification system with trust badges.
  • fix build error.

Week 10 - 06.June.2026

Progress: Email Notifications, Mobile Responsiveness & Recruitment Pipeline

After a short break, this week delivered global email notifications, mobile layout improvements, and the core of the recruitment pipeline: recommendations, applicant tracking, and the offer-response flow.

Notifications & responsiveness

  • Implemented global email notifications and responsive mobile layouts.
  • Fixed profile and story media upload network errors and optimized mobile responsiveness.
  • Refactored file upload to use only the remote Sheep service and updated API routes.

Recruitment pipeline

  • Implemented matching recommendations, applicant tracking, an offer-response flow, messaging automation, and admin moderation.
  • Enabled employers to view the profiles of applicants and render profiles based on post type.
  • Added student-side saved-jobs viewing in the profile.

Hardening

  • Validated the user role on login and added register-validation DTOs.
  • Improved error handling with a shared getError helper and fixed an admin dashboard logout bug.

Challenge

Returning after a break, the week’s biggest challenge was the recruitment pipeline itself — matching recommendations, applicant tracking, the offer-response flow, messaging automation, and admin moderation all share state and had to stay consistent end to end. Alongside that, making the whole UI responsive on mobile and chasing down profile/story media-upload network errors (resolved by moving uploads fully onto the remote Sheep service) demanded broad, cross-cutting fixes.

Commits this week (selection)

  • Implement global email notifications and responsive mobile layouts.
  • feat: implement matching recommendations, applicant tracking, offer response flow, messaging automation, and admin moderation.
  • employer can view profile of applicants.
  • add register validation dto; Validate user role on login.
  • Refactor file upload to use only remote Sheep service.

Week 11 - 13.June.2026

Progress: Skill Matching, Advanced Discovery & Documentation Deployment

The final week refined the matching engine, expanded job discovery, and made the progress book itself deployable alongside the rest of the platform.

Matching & job discovery

  • Upgraded the skill-matching and job-recommendations algorithm and wired up the job-creation API.
  • Expanded job portal metadata, implemented advanced discovery filtering, and added an interview pipeline stage.
  • Embedded the job feed and detail views into the main dashboard sidebar layout.
  • Updated the student saved-jobs list.

Documentation deployment

  • Added Docker support for the progress_book (multi-stage build with mdBook, served via nginx) and updated the deployment workflow so the book is built, pushed to GHCR, and hosted alongside the backend and frontend.

Outcome

The end-to-end recruitment loop — matching, applying, employer pipeline management, offers, and acceptance — is in place, and the progress book is now a deployable service in the same CI/CD pipeline.

Challenge

The closing challenge was tuning the skill-matching and recommendation algorithm so suggested jobs feel relevant, then layering on advanced discovery filtering and a new interview pipeline stage without overcomplicating the data model. A final, different kind of challenge was operational: turning the static mdBook into a deployable service — a multi-stage Docker build served by nginx and wired into the same GHCR/CI-CD pipeline as the backend and frontend.

Commits this week

  • feat: upgrade skill matching & job recommendations algorithm, wire up job creation API.
  • feat: expand job portal metadata, implement advanced discovery filtering, and add interview pipeline stage.
  • style: embed job feed and detail views into main dashboard sidebar layout.
  • update saves job list for student.
  • Add Docker support for progress_book with nginx and update deployment workflow.