A full-stack User Management System built with Spring Boot, React, PostgreSQL, Redis, and Kong API Gateway.
- User Management: Create, read, update, delete users with status management
- Role-Based Access Control: Hierarchical role system with permissions
- Permission Management: Fine-grained permission controls tied to resources
- Secure Authentication: JWT-based auth with httpOnly cookies
- Rate Limiting: Redis-backed rate limiting to prevent abuse
- Policy Engine: Open Policy Agent (OPA) for authorization decisions
| Layer | Technology |
|---|---|
| Frontend | React + TypeScript + Tailwind CSS |
| Backend | Spring Boot 3.x + Java 17 |
| Database | PostgreSQL 15 |
| Cache | Redis 7 |
| API Gateway | Kong 3.5 |
| Policy Engine | Open Policy Agent (OPA) |
| Containerization | Docker + Docker Compose |
```
┌─────────────┐     ┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│   Browser   │────▶│   Kong GW   │────▶│   Backend   │────▶│ PostgreSQL  │
└─────────────┘     │ (JWT/Rate)  │     │  (Spring)   │     └─────────────┘
                    └─────────────┘     └─────────────┘
                           │                   │
                           ▼                   ▼
                    ┌─────────────┐     ┌─────────────┐
                    │    Redis    │     │     OPA     │
                    │ (Rate Limit)│     │  (Policy)   │
                    └─────────────┘     └─────────────┘
```
- Docker & Docker Compose
- Git
1. Clone the repository

   ```bash
   git clone <your-repo-url>
   cd NewUserManagementSystem
   ```

2. Start all services

   ```bash
   cd docker
   docker compose up -d
   ```

3. Access the application
   - Frontend: http://localhost:3000
   - Kong Admin: http://localhost:8001

4. Default Admin Credentials
   - Username: `admin`
   - Password: `admin123`
| Service | Container | Port | Description |
|---|---|---|---|
| Frontend | ums-frontend | 3000 | React SPA |
| API Gateway | ums-kong | 8000 | Kong Gateway |
| Backend | ums-backend | 9090 | Spring Boot API |
| Database | ums-postgres | 5432 | PostgreSQL |
| Cache | ums-redis | 6379 | Redis |
| Policy | ums-opa | 8181 | OPA Engine |
```
NewUserManagementSystem/
├── backend/                    # Spring Boot application
│   ├── src/main/java/          # Java source code
│   ├── src/main/resources/     # Configuration
│   ├── pom.xml                 # Maven config
│   └── Dockerfile
├── frontend/                   # React application
│   ├── src/                    # TypeScript source
│   ├── package.json            # NPM config
│   └── Dockerfile
├── docker/                     # Docker Compose
│   └── docker-compose.yml
├── kong/                       # Kong configuration
│   └── kong.yml
├── opa/                        # OPA policies
│   └── policies/
├── database/                   # Database schema
│   └── schema.sql
└── docs/                       # Documentation
    ├── architecture.md
    ├── SessionToken.md
    └── USER_GUIDE.md
```
- `POST /api/v1/auth/login` - User login
- `POST /api/v1/auth/refresh` - Refresh token
- `POST /api/v1/auth/logout` - Logout

- `GET /api/v1/users` - List users (paginated)
- `POST /api/v1/users` - Create user
- `GET /api/v1/users/{id}` - Get user
- `PUT /api/v1/users/{id}` - Update user
- `DELETE /api/v1/users/{id}` - Delete user
- `POST /api/v1/users/{id}/roles` - Assign role
- `DELETE /api/v1/users/{id}/roles/{roleId}` - Remove role

- `GET /api/v1/roles` - List roles
- `POST /api/v1/roles` - Create role
- `PUT /api/v1/roles/{id}` - Update role
- `DELETE /api/v1/roles/{id}` - Delete role

- `GET /api/v1/permissions` - List permissions
- `POST /api/v1/permissions` - Create permission
- `PUT /api/v1/permissions/{id}` - Update permission
- `DELETE /api/v1/permissions/{id}` - Delete permission
- Architecture - System architecture diagrams
- Session Tokens - JWT and cookie documentation
- User Guide - End-user documentation
MIT License