🚀 Architecture Overview
The platform consists of multiple independent Spring Boot microservices, each responsible for a specific domain. All services communicate through REST APIs and are registered via a Custom Service Registry (Eureka). Requests are routed and secured using a Custom API Gateway that applies JWT-based authentication and role-based access control.
User Service
Manages registration, login, profiles, and roles with JWT authentication
Product Service
Handles product catalog, categories, and inventory management
Cart Service
Manages shopping carts and user sessions seamlessly
Order Service
Processes and tracks orders with email notifications
Payment Service
Integrates with payment gateways and manages transactions
🧱 System Components
| Component | Description |
|---|---|
| Spring Boot | Backend framework for microservice development |
| Spring Security + JWT | Provides secure authentication and authorization |
| Spring Cloud Netflix Eureka | Custom service registry for dynamic service discovery |
| API Gateway | Centralized routing and authentication filter |
| PostgreSQL (AWS RDS) | Relational database for each microservice |
| AWS Secret Manager | Securely stores credentials and API keys |
| JavaMailSender | Sends order and registration confirmation emails |
| Docker | Containerizes each microservice for portability |
| AWS ECR | Stores and manages container images |
| AWS ECS (Fargate) | Hosts and runs containerized microservices |
| GitHub Actions | CI/CD workflow for build, test, and deployment automation |
🔒 Security & Authentication
- Spring Security for authentication and authorization
- JWT (JSON Web Token) for secure session management
- Role-based access control enforced at API Gateway and microservice level
- API Gateway Filters validate JWT tokens before routing requests
- AWS Secrets Manager ensures sensitive credentials are never hardcoded
📧 Email Notifications
The application uses JavaMailSender to send registration confirmation emails, password reset links, and order confirmation with shipping updates. SMTP credentials are securely fetched from AWS Secrets Manager.