A full-stack Spring Boot web application designed to help users organize and manage internship applications in a structured, secure environment.
The application supports authenticated users and guest sessions, includes secure email verification and password reset flows, and is deployed to a Linux-based cloud server.
Live Demo:
https://internship-tracker.tirsansapkota.com
Applying to internships can quickly become disorganized across spreadsheets, notes, and emails. I built this project to create a centralized tracking system while strengthening my skills in backend architecture, authentication flows, database design, and real-world cloud deployment.
This project reflects my ability to build, secure, deploy, and maintain a production-style application independently.
- User registration and login
- BCrypt password hashing
- Email verification with expiring, one-time tokens
- Secure password reset workflow
- Session fixation protection
- CSRF protection
- Create, edit, and delete applications
- Track application status
- Soft-delete support
- Export application data
- Use the application without creating an account
- Applications stored in session
- Import guest applications after registration
- SMTP-based email delivery
- Token-based verification links
- Token expiration and invalidation logic
- Protection against reuse of expired or used tokens
The application follows a layered architecture:
- Controller Layer — Handles HTTP requests and routing
- Service Layer — Business logic and security workflows
- Repository Layer — Data persistence using Spring Data JPA
- Model Layer — Entity definitions and domain models
- DTO Layer — Form data validation and transfer objects
- Configuration Layer — Security and application configuration
Security is implemented using Spring Security with custom success handlers and token validation logic.
Backend
- Java
- Spring Boot
- Spring Security
- Spring Data JPA (Hibernate)
- Thymeleaf (server-side rendering)
Database
- Relational database (configured via environment variables)
Infrastructure & Deployment
- Oracle Cloud Infrastructure (OCI)
- Linux VM
- systemd service management
- Reverse proxy configuration
- Packaged as an executable JAR
Build Tool
- Maven Wrapper
- No hardcoded credentials
- Environment variable–based configuration
- BCrypt password hashing
- CSRF protection enabled
- Session fixation protection
- Expiring, one-time verification tokens
- Token invalidation on new request
Sensitive configuration is handled through environment variables.
Required variables:
DB_URLDB_USERDB_PASSMAIL_HOSTMAIL_PORTMAIL_USERMAIL_PASSAPP_BASE_URL
- Clone the repository
- Set the required environment variables
- Run the application:
./mvnw spring-boot:run