Mentoree
Mentoree is a software engineering group project. Deutsche Bank had requested us to build a system that will promote mentoring culture in their company. Our product, Mentoree, enables mentees to easily find compatible mentors, and make goal-based relationships with them. Users can plan meetings, provide feedback, access workshops, and view their timetables.
Languages
-
React + TailWindCSS
-
Django
-
SQLite3
Docker is used to deploy the application independently from the host it is running on. Using the command “docker compose up”, the application is run in its virtual environment, using its customisable libraries and operating systems that can be specified in a Docker file. This allows for consistency of versions between each developer since we can change the platform the application is used in. Inside this environment, there are to be three main layers on separate ports that all interact with each other:
The frontend. Responsible for producing the interface that the user will interact with (created in React). If the frontend needs to fetch data, it will request the API via HTTP requests.
The backend. RESTful API created in Django handling all
interactions between the user interface and the database by
parsing HTTP requests from the user in the frontend. These
HTTP requests will most commonly be GET, POST, or PUT, depending on the state of the user and what they interacted with. The API will interact with the database to craft a response and send it back to the frontend to display.The database. Implemented in SQLite3 and communicates with the Django API using Object Relational Mapping.
Due to this structure, both the frontend and the backend services must be running on separate ports, meaning that they will be visible to anyone. It poses possible security risks regarding the backend. Anyone can create specially crafted API requests with the possibility of stealing or modifying data. To remedy this, API authentication keys will be used alongside the user’s state within the application to determine whether they are authorised to receive a response from a particular API request; if not, an error is shown.