BookingSystem

Full-stack booking platform with a Spring Boot backend and a Vite/React frontend. Users can browse facilities, view availability, book time slots, chat with an AI helper, and get weather-based suggestions. Admins manage facilities, time slots, users, and approve/reject bookings.

Tech Stack

• Backend: Java 17, Spring Boot 3, Spring Security (JWT), JPA/Hibernate, PostgreSQL, MapStruct, Lombok
• Frontend: React (Vite), Redux + Thunk, MUI, Framer Motion
• Build/tooling: Maven Wrapper, ESLint, Vite

Repo Layout

• backend/ — Spring Boot API
  • src/main/java/org/booking/backend/controllers — REST controllers
  • src/main/resources/application.properties — app configuration and JWT settings
  • schema.sql, seed.sql — optional DDL/DML helpers
• frontend/ — Vite/React client
  • src/utils/apiprefix.js — API base URL (http://localhost:8080/api by default)

Features (high level)

• JWT auth with /api/auth/register and /api/auth/login
• Role-based access (USER, ADMIN) with method-level guards
• Facility catalog and availability browsing
• Booking creation, cancellation, approval/rejection
• Time slot management (admin)
• User dashboards and stats
• AI chatbot and weather-driven booking suggestions

Prerequisites

• Java 17+
• Node.js 18+ (or 20+ recommended)
• Maven Wrapper (./mvnw) and npm available on PATH
• PostgreSQL running locally or accessible via network

Backend Setup (backend/)

1. Configure database connection in src/main/resources/application.properties (add these if not present):

   spring.datasource.url=jdbc:postgresql://localhost:5432/booking
   spring.datasource.username=your_user
   spring.datasource.password=your_password
   spring.jpa.hibernate.ddl-auto=update

   • Adjust DB name/user/password as needed. spring.jpa.hibernate.ddl-auto=update is already set; change to validate in production.
2. (Optional) Initialize schema/data using schema.sql and seed.sql if you prefer scripted setup.
3. Run the API:

   ./mvnw spring-boot:run

4. Health check: GET http://localhost:8080/api/auth/verify with a valid JWT.

Security Notes

• JWT properties live in application.properties (application.security.jwt.secret-key, expiration times). Rotate secrets before production and keep them out of VCS in real deployments.
• Public endpoints: /api/auth/**. All others require authentication; admin-only endpoints manage facilities, slots, users, and booking approvals. User-specific endpoints are ownership-gated where applicable.

Frontend Setup (frontend/)

1. Install deps:

   npm install

2. Start dev server (defaults to port 5173):

   npm run dev

3. Build for production:

   npm run build

4. API base URL is set in src/utils/apiprefix.js. Point it to your backend if not http://localhost:8080/api.

Useful Scripts

• Backend tests: ./mvnw test
• Frontend lint: npm run lint
• Frontend preview (after build): npm run preview

Common Troubleshooting

• DB connection errors: verify spring.datasource.* values and that PostgreSQL is running and reachable.
• 401/403 responses: ensure the Authorization: Bearer <jwt> header is present; login via /api/auth/login to obtain a token.
• CORS issues: backend allows http://localhost:3000 and http://localhost:5173 by default; update CorsConfigurationSource in SecurityConfig if your frontend runs elsewhere.

Production Hardening (quick list)

• Externalize secrets (JWT key, DB creds) via environment variables or a vault
• Set stronger JWT expiration/refresh policies and HTTPS everywhere
• Use spring.jpa.hibernate.ddl-auto=validate and managed migrations (Flyway/Liquibase)
• Restrict CORS origins to trusted hosts
• Add monitoring/logging/metrics and backup/restore for the database