Software Design - AvengerDisassemble/KU-connect GitHub Wiki
Version: 2.0
Date: 5 Nov 2025
Prepared by: AvengerDisassemble Team
This document defines the software architecture of the KU Connect system — a web platform connecting KU’s Software and Knowledge Engineering (SKE) and Computer Engineering (CPE) students with verified employers.
It outlines the system structure, major components, data model, and interaction flows for developers, maintainers, and stakeholders to understand how the system is organized and how it fulfills the functional and non-functional requirements.
KU Connect provides the following capabilities:
- Student profile management, job browsing, and applications
- Employer verification, job posting, and applicant management
- Administrator moderation, reporting, and analytics
- Professor dashboard for career data insights
The document focuses on the backend architecture, built with Node.js, Express, and Prisma ORM for PostgreSQL, with a RESTful API serving a React (Vite + TS) frontend.
KU Connect acts as a secure bridge between students, alumni, and employers through verified digital interaction. Each role interacts via a role-specific dashboard. Professors and administrators have read-only and oversight capabilities respectively.
| Layer | Technology | Purpose |
|---|---|---|
| Frontend | React + Vite + TypeScript | Interactive SPA, communicating with backend APIs |
| Backend | Express.js + Node.js | REST API, middleware orchestration |
| ORM | Prisma ORM | Database schema and migrations for PostgreSQL |
| Database | PostgreSQL (prod), SQLite (test) | Persistent data layer |
| Auth | JWT (stateless) + Passport | Authentication & OAuth integration |
| Testing | Jest + Supertest | Unit, integration, and API testing |
| Deployment | Node.js runtime | Host backend service |
| Security | bcrypt, JWT validation, CORS | Secure access, request validation, and rate limiting |
The backend follows a Layered Architecture (N-tier) pattern:
- Presentation Layer — API endpoints via Express routes
- Business Logic Layer — Service layer implementing domain logic
- Data Access Layer — Prisma ORM models and database transactions
This separation ensures maintainability, testability, and scalability.
[Frontend (React/Vite)] <--HTTP/JSON--> [Backend (Express + Prisma)] <--SQL--> [PostgreSQL Database]
- APIs are mounted at
/apiunder Express. - The backend exposes REST endpoints that serve authenticated, role-based data operations.
- Static assets (e.g., avatars, resumes) are served from
/uploadsduring local development.
/project-root
│
├── /backend
│ ├── server.js # Application entry point
│ ├── package.json
│ ├── .env, .env.example # Environment configuration
│ ├── jest.config.js, jest.setup.js
│ │
│ ├── /src # Core backend source
│ │ ├── app.js # Express setup, middleware, routes
│ │ ├── /controllers # API request handlers
│ │ ├── /routes # Auto-mounted API route definitions
│ │ ├── /models # Database helper methods
│ │ ├── /services # Business logic and orchestration
│ │ ├── /middlewares # Auth, validation, error handling
│ │ ├── /validators # Joi validation schemas
│ │ └── /utils # Utilities (JWT, logging, token helpers)
│ │
│ ├── /prisma # ORM schema and migrations
│ │ ├── schema.prisma
│ │ ├── seed.js
│ │ └── /migrations
│ │
│ ├── /documents # Internal docs & context (this file)
│ ├── /scripts # Seeder and maintenance scripts
│ ├── /tests # Unit & integration tests (mirrors src)
│ ├── /uploads # Static user uploads (local dev)
│ └── README.md
│
└── /frontend # Frontend (React + Vite + TS)
├── src/
├── vite.config.ts
├── tailwind.config.js
└── README.md
All backend APIs are mounted under /api through src/app.js.
Dynamic route registration is automatically managed by src/routes/index.js:
| Rule | Example |
|---|---|
index.js inside a folder → base route |
/api/profile/ |
file.js inside a folder → nested route |
/api/profile/update |
| Middleware | Location | Description |
|---|---|---|
| authMiddleware | /middlewares/authMiddleware.js |
Verifies JWT, blocks SUSPENDED users |
| optionalAuthMiddleware | same file | Attaches req.user if valid token exists |
| verifiedUserMiddleware | same file | Ensures req.user.status === 'APPROVED' before sensitive actions |
| roleMiddleware(allowedRoles) | /middlewares/roleMiddleware.js |
Role-based access control (RBAC) |
| ownerOrAdminMiddleware(userIdParam?) | same file | Allows only resource owner or ADMIN |
| validate | /middlewares/validate.js |
Central Joi validator for body/query/params |
| errorHandler | /middlewares/errorHandler.js |
Global error handler for Prisma/JWT/Multer |
| rateLimitMiddleware | /middlewares/rateLimitMiddleware.js |
Limits API requests |
| downloadRateLimit | same file | Restricts download bandwidth for security |
Mount Order:
CORS → JSON Parser → Cookie Parser → Passport → Routes → Error Handler
Each domain (user, job, application, report, announcement) has a corresponding service under /src/services.
Services encapsulate business rules such as:
- Application submission eligibility
- Employer posting validation
- Admin moderation rules
- Professor dashboard analytics aggregation
The Prisma schema defines all tables and relations (as shown in /prisma/schema.prisma).
The key entities include:
| Entity | Description |
|---|---|
| User | Core identity record for all roles |
| Student | Student-specific info (degree, GPA, resume) |
| HR (Employer) | Employer company profile and verification |
| Professor / Admin | Specialized roles linked to user record |
| Job | Employer job posting entity |
| Application | Student job application record |
| Announcement / Notification | Communication system entities |
| JobReport | User-submitted report for moderation |
📎 See ER diagram in /docs/er-diagram.md for relationships.
The /tests directory mirrors /src for clarity:
/tests
├── /controllers
├── /services
├── /middlewares
└── /src
- Jest for test orchestration
- Supertest for API endpoint testing
- Prisma test client (SQLite) for isolated DB tests
- Maintain >80% code coverage across backend
- Mock external APIs and sensitive endpoints
| Category | Standard |
|---|---|
| Code Style | JavaScript Standard Style |
| Documentation | JSDoc for function/class comments |
| Comments | Use comments to explain why, not what |
| Error Handling | Centralized via errorHandler.js
|
| Linting |
eslint configured via StandardJS |
- Authentication: JWT (access token via cookie or header)
- Authorization: Role-based (STUDENT, PROFESSOR, EMPLOYER, ADMIN)
- Session Handling: Stateless, no persistent sessions
-
CORS: Configured via
FRONTEND_URL, credentials enabled - Data Validation: All inputs validated via Joi
- Rate Limiting: Global and download-specific throttling
-
Storage: Local storage or external provider (based on
STORAGE_PROVIDER)
# Install dependencies
npm install
# Copy environment file and configure values
cp .env.example .env
# Run Prisma migration and generate client
npx prisma migrate dev
npx prisma generate
# Start development server
npm run start- Deployed to Node.js runtime (production mode)
- PostgreSQL database via cloud provider
- CI/CD pipeline handles migrations and restart
| Decision | Reason |
|---|---|
| Express.js + Prisma | Balanced simplicity, flexibility, and database safety |
| Layered Architecture | Separation of concerns improves maintainability |
| JWT Authentication | Stateless security ideal for multi-role system |
| SQLite for Testing | Enables isolated, fast integration tests |
| Automatic Route Registration | Reduces manual routing and improves scalability |
- KU Connect SRS Document
- KU Connect ER Diagram
- KU Connect Process Flow Documentation
- Prisma Schema
📄 End of Document