Overview & Architecture
RoutineMaker is a full-stack web application designed to help users manage their daily routines sustainably. Built from the ground up on a modern, decoupled service architecture, it features a React frontend consuming APIs from multiple Python FastAPI backends, fully orchestrated by Docker Compose and reverse-proxied through Nginx.
[Architecture diagram: Client, Nginx, AuthSvc (FastAPI:8001), BackendSvc (Core Backend Service, FastAPI:8000), Frontend (React Static Server) and DB (PostgreSQL); AuthSvc and BackendSvc both connect to DB.]
Microservices Design
Instead of building a monolith, RoutineMaker enforces strict boundaries between its primary domains. This structural decision enables horizontal scaling of individual components and isolated development environments.
A completely isolated FastAPI instance designated solely for user identity. It handles user registration, Argon2 password hashing via Passlib, and JWT token issuance. By decoupling auth, the core backend doesn't need to manage credential flows natively.
A second FastAPI service dedicated entirely to business logic. It handles the CRUD operations for routines and class sessions, interacting with the SQLAlchemy ORM layer to persist data to a shared PostgreSQL database container.
Rather than exposing multiple ports to the client, an Nginx container serves as the system's front door. It routes /api/auth/* traffic to the auth service, /api/* to the core backend, and serves the static React bundle generated by Vite for all other root requests.
Security & Authentication
Security was prioritized from day one using industry best practices.
- Password Hashing: Utilized the Argon2 algorithm, which is purposefully designed for secure password hashing and resists GPU-based cracking attempts far better than older hashes like MD5 or SHA512.
- JWT Authentication: Secure, stateless token-based authentication. The JWT is signed using a secret configuration key and restricts access to user-specific routes.
- SQL Injection Prevention: Abstracted raw database logic away utilizing the SQLAlchemy ORM, ensuring all queries are parameterized automatically.
- CORS Protection: Explicitly configured Cross-Origin Resource Sharing middleware in FastAPI so that browsers only let scripts from approved origins call the API endpoints.
Key Features
- Dynamic Routine Building: Create distinct routines and dynamically attach unlimited custom "sessions" (classes/tasks) to them visually.
- Session Cancellation: Toggle cancellation states on individual sessions temporarily without deleting them from the core schedule schema.
- PDF Exporting: Users can request a physical copy of their schedule. The backend programmatically generates and returns a formatted PDF document using a dedicated pdf_utils.py generator.