Merge pull request #1 from Sachinchaurasiya360/main

Picture is getting uploaded crop is getting failed,

Author: JAbhishek09

.env.example

@@ -0,0 +1,63 @@
+# InternHack · root environment template (Docker Compose + reference for local dev)
+#
+# Quick start:
+#   cp .env.example .env
+#   Fill in at least JWT_SECRET plus any OAuth/API keys you need.
+#   docker compose up --build
+#
+# Redis is intentionally not documented here — InternHack does not use Redis yet.
+#
+
+# ── Docker Compose: PostgreSQL ─────────────────────────────────────────
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=postgres
+POSTGRES_DB=internhack
+
+# Used by docker compose compose-time interpolation (healthchecks, URLs).
+# The server container also receives DATABASE_URL from docker-compose.yml (postgres hostname).
+
+# ── Database (required) ────────────────────────────────────────────────
+# Non-Docker / host Node: keep localhost here. Compose overrides this inside the API container.
+DATABASE_URL=postgresql://postgres:postgres@localhost:5432/internhack
+
+# ── Server (minimum boot: DATABASE_URL + JWT_SECRET in server/src/index.ts) ──
+JWT_SECRET=
+
+DODO_PAYMENTS_API_KEY=
+DODO_PAYMENTS_WEBHOOK_KEY=
+DODO_PAYMENTS_ENVIRONMENT=live_mode
+DODO_PRODUCT_ID_MONTHLY=
+DODO_PRODUCT_ID_YEARLY=
+ADZUNA_APP_ID=
+ADZUNA_APP_KEY=
+GEMINI_API_KEY=
+AWS_REGION=
+AWS_ACCESS_KEY_ID=
+AWS_SECRET_ACCESS_KEY=
+AWS_S3_BUCKET=
+CALENDLY_URL=
+VITE_API_URL=
+ALLOWED_ORIGINS=http://localhost:5173
+GOOGLE_CLIENT_ID=
+RESEND_API_KEY=
+EMAIL_FROM=
+GROQ_API_KEY=
+OPENROUTER_API_KEY=
+CODESTRAL_API_KEY=
+JUDGE0_RAPIDAPI_KEY_1=
+JUDGE0_RAPIDAPI_KEY_2=
+JUDGE0_RAPIDAPI_KEY_3=
+JUDGE0_RAPIDAPI_KEY_4=
+INBOUND_FORWARD_TO=
+RESEND_WEBHOOK_SECRET=
+CLAUDE_API=
+EXA_API_KEY=
+EXTERNAL_JOB_API_KEY=
+# LeetCode import server flag — false to disable (default: enabled)
+LEETCODE_IMPORT_ENABLED=true
+
+# ── Client (Vite · exposed to the browser — prefix required) ────────────
+VITE_GOOGLE_CLIENT_ID=
+VITE_DODO_MODE=test_mode
+# LeetCode import client flag — set to false to disable (default: enabled)
+VITE_LEETCODE_IMPORT_ENABLED=true

.github/workflows/ci.yml

@@ -0,0 +1,74 @@
+name: CI
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  typecheck-client:
+    name: Typecheck Client
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+          cache-dependency-path: client/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+        working-directory: client
+
+      - name: Run TypeScript check
+        run: npx tsc --noEmit
+        working-directory: client
+
+  typecheck-server:
+    name: Typecheck Server
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+          cache-dependency-path: server/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+        working-directory: server
+
+      - name: Generate Prisma client
+        run: npx prisma generate --schema=src/database/prisma/schema
+        working-directory: server
+
+      - name: Run TypeScript check
+        run: npx tsc --noEmit
+        working-directory: server
+
+  lint-client:
+    name: Lint Client
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: "npm"
+          cache-dependency-path: client/package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+        working-directory: client
+
+      - name: Run ESLint
+        run: npx eslint . --ext .ts,.tsx
+        working-directory: client

AGENTS.md

@@ -0,0 +1,111 @@
+# InternHack, Codex Instructions
+
+## Project Overview
+InternHack is a full-stack internship/career platform for students with AI-powered tools, learning modules, and recruiter features.
+
+## Quick Start
+- **Server:** `cd server && npm run dev` (runs `tsx watch src/index.ts`)
+- **Client:** `cd client && npm run dev` (Vite on port 5173)
+- **Migrations:** Must run from `server/src/database/`, that's where `prisma.config.ts` lives
+
+## Repo Map
+**Always read `.Codex/REPO_MAP.md` before any editing task.** It maps every module, route, model, and component.
+
+## Stack
+- **Client:** React 18 + Vite 7 + TailwindCSS 4 + React Router 7 + Framer Motion + Zustand + React Query
+- **Server:** Express 5 + TypeScript 5 + Prisma 7 + PostgreSQL
+- **AI:** Google Gemini (`gemini-2.5-flash-lite`)
+- **Auth:** JWT in `Authorization: Bearer <token>` header; Zustand auth store on client
+- **Payments:** dodo payment
+- **Storage:** AWS S3 with local fallback
+
+## Code Style Rules
+
+### TailwindCSS v4
+- Use canonical TW v4 classes only
+- No `bg-gradient-*` shorthand, use `bg-linear-to-*` instead
+- No arbitrary bracket sizes like `text-[17px]`, use standard scale classes
+- No gradient backgrounds on icons, use flat color or bare colored icons
+
+### UI Conventions
+- **No pill badges**, do not use `rounded-full` category/section tag pills above page headings. Use `mt-6` on the header wrapper for top spacing instead
+- Company avatars: first-letter initial in neutral box, not generic icon
+- DRY: no duplicate helpers, shared animation variants per file
+
+### TypeScript
+- Strict mode enabled on both client and server
+- Use Zod for all server-side validation (see `*.validation.ts` files)
+- Client types mirror server models in `client/src/lib/types.ts`
+
+### Module Pattern (Server)
+Every server module follows: `<name>.routes.ts` → `<name>.controller.ts` → `<name>.service.ts`
+- Routes: Express router with middleware chain (auth, role, usage-limit, validation)
+- Controller: Handles request/response, calls service, formats errors
+- Service: Business logic, DB queries, external API calls
+
+### Premium Gating Pattern
+For premium-only features (see `latex-chat.controller.ts`):
+```typescript
+const user = await prisma.user.findUnique({
+  where: { id: req.user.id },
+  select: { subscriptionPlan: true, subscriptionStatus: true },
+});
+const isPremium =
+  (user.subscriptionPlan === "MONTHLY" || user.subscriptionPlan === "YEARLY") &&
+  user.subscriptionStatus === "ACTIVE";
+```
+
+### Usage Limits
+Daily usage limits are enforced via `usageLimit(action)` middleware.
+Actions: `ATS_SCORE`, `COVER_LETTER`, `GENERATE_RESUME`, `JOB_APPLICATION`, `MOCK_INTERVIEW`
+Config in `server/src/config/usage-limits.ts`.
+
+## Key Patterns
+
+### Adding a New API Endpoint
+1. Create/update `*.routes.ts` with Express router
+2. Create/update `*.controller.ts` with request handling
+3. Create/update `*.service.ts` with business logic
+4. Create/update `*.validation.ts` with Zod schemas
+5. Register routes in `server/src/index.ts`
+
+### Adding a New Client Page
+1. Create page component in `client/src/module/<area>/<PageName>.tsx`
+2. Add lazy import in `client/src/App.tsx`
+3. Add route in the appropriate route group (public/student/recruiter/admin)
+
+### AI Integration (Gemini)
+- Use `GoogleGenerativeAI` from `@google/generative-ai`
+- Model: `gemini-2.5-flash-lite`
+- For structured responses with LaTeX content, use XML tags (`<reply>`, `<latex>`) instead of JSON
+- Always handle parse failures with fallbacks
+
+### Button Component
+Use the reusable `Button` from `client/src/components/ui/button.tsx` (CVA-based) for all new buttons.
+- Variants: `primary`, `secondary`, `mono`, `ghost`, `danger`
+- Modes: `button` (default), `icon`, `link`
+- Sizes: `sm`, `md`, `lg`
+- Supports `asChild` (Radix Slot) for composing with `<Link>` or other elements
+- Import: `import { Button } from "../../components/ui/button"`
+
+### SEO on Internal Pages
+All admin and recruiter pages must include `<SEO title="Page Title" noIndex />`. Public pages use full SEO props.
+
+### File Upload Validation
+`DynamicFieldRenderer.tsx` validates file uploads client-side (size ≤ 5 MB, allowed types). Follow this pattern for any new file upload UI.
+
+### React.memo Convention
+Wrap list-rendered child components (cards, badges, list items) with `React.memo` when they receive stable props and don't have internal state that changes frequently. Use named function form:
+```tsx
+export const MyCard = React.memo(function MyCard({ data }: Props) { ... });
+```
+
+### Repo Request Approval Flow
+Students can suggest repos via `POST /api/opensource/requests`. Admin reviews at `/admin/repo-requests`. On approval, the repo is auto-created and the student gets an email. Routes are in `opensource.routes.ts`, `/requests/*` routes must appear BEFORE `/:id` to avoid route conflicts.
+
+## Do NOT
+- Create Prisma migrations without confirming, run from `server/src/database/`
+- Use `bg-gradient-*` in TailwindCSS, use `bg-linear-to-*`
+- Add `rounded-full` pill badges above headings
+- Fabricate new UsageAction enum values, reuse existing ones to avoid migrations
+- Push to remote without explicit permission

CODE_OF_CONDUCT.md

@@ -0,0 +1,70 @@
+# Code of Conduct
+
+## Our Commitment
+
+We are committed to creating a welcoming, respectful, and inclusive environment for everyone participating in this project.
+
+All contributors, maintainers, and community members are expected to treat each other with kindness and professionalism.
+
+## Expected Behavior
+
+Examples of positive behavior include:
+
+- Being respectful to others
+- Using inclusive and professional language
+- Accepting constructive feedback
+- Helping other contributors
+- Collaborating positively
+- Respecting different opinions and experiences
+- Supporting a healthy open-source community
+- Writing clear and meaningful discussions
+
+## Unacceptable Behavior
+
+Examples of unacceptable behavior include:
+
+- Harassment or discrimination
+- Offensive comments or personal attacks
+- Trolling or insulting behavior
+- Sharing private information without permission
+- Spamming or disruptive actions
+- Using inappropriate language
+- Any behavior that creates an unsafe environment
+
+## Responsibilities
+
+Project maintainers are responsible for:
+
+- Enforcing this Code of Conduct
+- Reviewing reported issues fairly
+- Maintaining a respectful environment
+- Taking action against harmful behavior when necessary
+
+## Scope
+
+This Code of Conduct applies to:
+
+- GitHub issues
+- Pull requests
+- Discussions and comments
+- Community interactions related to this project
+
+## Enforcement
+
+Unacceptable behavior may result in:
+
+1. A warning
+2. Temporary restriction from participation
+3. Permanent removal from the community
+
+The action taken will depend on the severity of the violation.
+
+## Reporting Issues
+
+If you experience or witness unacceptable behavior, please report it to the project maintainers.
+
+All reports will be handled respectfully and confidentially.
+
+## Final Note
+
+By participating in this project, you agree to follow this Code of Conduct and help create a positive and collaborative environment for everyone.

CONTRIBUTING.md

@@ -43,6 +43,8 @@ This guide walks you through everything from setting up the project to submittin
 | PostgreSQL | 14+ | Database |
 | Git | 2.30+ | Version control |
 
+**Docker Compose shortcut:** You can run Postgres + API + client with only Docker by following the README “Docker Compose (alternative)” section (root `.env.example` plus `docker compose up`). That path does **not** use Redis — the app stack is PostgreSQL only.
+
 You'll also need:
 - A **Google Cloud Console** project for OAuth (client ID)
 - A **Gemini API key** ([free at aistudio.google.com](https://aistudio.google.com/apikey))
@@ -57,14 +59,20 @@ cd InternHack
 
 ### Step 2: Set up environment variables
 
+**Docker Compose:** copy the template at the repo root:
+
 ```bash
-# Server environment
-cp server/.env.example server/.env
+cp .env.example .env
+```
 
-# Client environment
+**Classic setup:** separate client and server copies:
+
+```bash
+cp server/.env.example server/.env
 cp client/.env.example client/.env
 ```
 
+
 Open `server/.env` and fill in the **required** values:
 
 ```env