Library Management System | Spring Backend

CoolLib — Distributed Library Core API

Spring Boot Docker Nginx PostgreSQL JWT Security Kotlin

A high-performance backend ecosystem engineered with Clean Architecture. It implements a strict separation between JPA Entities and DTOs, serving as the central orchestration hub for both Android (Kotlin) and iOS (SwiftUI) clients.

Source Code

Project Overview

CoolLib Backend is a robust RESTful service built with Spring Boot and Kotlin. Beyond standard CRUD operations, it manages complex business logic layers to ensure data consistency, security, and seamless synchronization across the mobile ecosystem.

Key Technical Wins

Layered Architecture

Strictly follows the Controller-Service-Repository pattern, ensuring complete decoupling between business logic and data access layers.

Secure Sessions

Integrated Spring Security with JWT (JSON Web Tokens) to provide a stateless authentication mechanism tailored for mobile clients.

Persistence Layer

Leverages PostgreSQL and Spring Data JPA, ensuring the atomicity of borrowing operations through @Transactional services.

Cloud-Native Deployment

Containerized with Docker Compose and secured via Cloudflare Tunnel, utilizing Nginx as a reverse proxy for robust, Zero-Trust external access.

System Architecture

Architecture Design

graph TD A[CoolLib Android Jetpack Compose] B[CoolLib iOS SwiftUI + SwiftData] C{Restful API Spring MVC + JWT} D[Business Logic Book Service Layer] E[Data Access Spring Data JPA] F[(Persistence PostgreSQL)] A --> C B --> C C --> D D --> E E --> F style A fill:#3DDC84,stroke:#2eb26a,stroke-width:2px,color:#fff style B fill:#5AC8FA,stroke:#3fa7d6,stroke-width:2px,color:#fff style C fill:#6DB33F,stroke:#5a9234,stroke-width:2px,color:#fff style D fill:#4CAF50,stroke:#3d8b40,stroke-width:1px,color:#fff style E fill:#388E3C,stroke:#2e7031,stroke-width:1px,color:#fff style F fill:#336791,stroke:#264e6e,stroke-width:2px,color:#fff linkStyle default stroke:#8B4513,stroke-width:1.5px

*The backend follows a strict Stateless pattern.*

Authentication Flow

JWT Authentication Flow

sequenceDiagram autonumber participant Mobile as Mobile App participant Spring as Spring Boot API participant JWT as JwtProvider participant DB as PostgreSQL Note over Mobile, DB: 1. Login & Token Generation Mobile->>Spring: POST /api/auth/login Spring->>DB: Validate Credentials (BCrypt) DB-->>Spring: User Found & Matches Spring->>JWT: Generate Claims (UserID, Role) JWT-->>Spring: Return Signed JWT Spring-->>Mobile: 200 OK (Access Token) Note over Mobile, DB: 2. Authorized Request (Stateless) Mobile->>Spring: POST /api/loan (Header: Bearer <token>) Spring->>JWT: Validate Signature & Claims JWT-->>Spring: Token Valid (User: Ryan) Spring->>DB: Execute Loan Books Business DB-->>Spring: Return Data

*The security layer uses a OncePerRequestFilter to intercept and validate JWTs.*

Tech Stack

Core Framework: Spring Boot, Kotlin, Gradle
Security: JWT, Spring Security, BCrypt Password Hashing
Data Management: PostgreSQL, Spring Data JPA, Hibernate ORM
Standards & DevOps: RESTful Design, Docker, Docker Compose, Nginx, Cloudflare Tunnel

Core Features

Identity Management

Advanced Search

Transaction Logic

Deployment Stack

Method	Endpoint	Description
POST	`/api/v1/auth/login`	Verify credentials and issue a JWT Access Token.
POST	`/api/v1/borrow/scan`	Process borrowing via Barcode/ISBN scan. In Dev
GET	`/api/v1/stats/loans`	Fetch aggregate data of active loans and trends. Planned
GET	`/api/v1/users/profile`	Retrieve identity claims from the decrypted JWT payload.
GET	`/api/v1/auth/validate`	Check if the current token is expired or blacklisted.

Method	Endpoint	Description
GET	`/api/v1/books/search`	Multi-criteria filtering by Title, Author, Publisher, and Year.
GET	`/api/v1/books/fuzzy`	Fuzzy search using Levenshtein Distance or partial matching logic. In Dev
GET	`/api/v1/books/recommend`	Content-based filtering using User Borrowing History. Planned
GET	`/api/v1/books/isbn/{isbn}`	Direct lookup via 10 or 13-digit International Standard Book Number.

Transaction Processing Pipeline

ACID SECURE

Identity Authorization
Extract userId & roles from JWT claims.
Concurrency Locking
Execute SELECT FOR UPDATE to prevent race conditions.
Business Validation
Verify stock availability and user borrow limits.

                                Atomic Commit

                                Persist LoanRecord & update Inventory.
                            

Managed by Spring @Transactional logic.

Production-Ready Infrastructure

DOCKERIZED

Zero-Trust Tunnel

Integrated Cloudflare Tunnel to expose the API securely without opening public ports or managing SSH certs.

Nginx Gateway

Reverse proxy handling SSL termination and request rate-limiting before reaching the Spring Boot instance.

            User → Cloudflare → [Cloudflared] → Nginx → Spring Boot → PostgreSQL
        

Mobile Connectivity

Both Android and iOS clients interact with this backend through standard REST endpoints.

Required Header:


                    Authorization: Bearer <token>

MENU