A full-stack web application enabling students to lend, borrow, or sell items within their campus community. Built for SRM students to promote collaboration, sustainability, and easy resource sharing.
GotYourBack is a campus-exclusive platform designed to help SRM students lend, borrow, and sell academic or personal items within their community. It promotes collaboration, sustainability, and accessibility by simplifying how students share essential resources.
- Quick Start Guide
- Features
- Technology Stack
- Database Schema
- API Reference
- Security Features
- Testing Guide
- Troubleshooting
- MySQL 8.0+
- Java 17+
- Maven 3.6+
- Modern web browser
- Live Server extension (VS Code) or any HTTP server
1. Clone Repository
git clone https://github.com/atharvpatil18/GotYourBack.git
cd GotYourBack2. Database Setup
cd Backend
mysql -u root -p < src/main/resources/db/DB_SETUP.sql
# Enter your MySQL root password3. Configure Backend (if needed)
Edit Backend/src/main/resources/application.yml:
spring:
datasource:
password: your_mysql_password4. Start Backend
mvn spring-boot:runβ
Backend runs on http://localhost:8080
5. Start Frontend
- Open
Frontend/index.htmlwith Live Server - Or visit
http://localhost:5500
6. Create Account & Login
- Visit
/signup.html - Use your email to register
- Login and start sharing!
β β βββ service/ # Business logic layer
β β βββ model/ # JPA entities---
β β βββ dto/ # Data transfer objects
β β βββ repository/ # Database repositories## π― Purpose & Impact
β β βββ config/ # Security & CORS config
- Post Items: List items to lend or sell with details and images
- Browse & Search: Filter by category, type, urgency, keywords
- Request System: Send, accept, or reject requests
- Real-time Messaging: Chat with users for accepted requests
- Smart Notifications: Get notified of all activities
- Profile Management: Update personal details
1. Borrower sends REQUEST
β
2. Owner ACCEPTS request
β
3. Owner clicks "Mark as Lent" (when handing over item)
β
4. Borrower clicks "Confirm Receipt" (when receiving item)
β
5. Either party clicks "Mark as Done" (transaction in use)
β
6. Both parties "Confirm Return" (when item returned)
β
7. Item status β AVAILABLE (back in browse)
1. Buyer sends REQUEST
β
2. Seller ACCEPTS
β
3. Either clicks "Mark as Done"
β
4. Transaction COMPLETE
Automatic notifications for:
- New requests received
- Request accepted/rejected
- Item marked as lent
- Receipt confirmed
- New messages received
- Return confirmations
- Transaction completed
- Private messaging for accepted requests
- Real-time message threads
- Message history
- Organized by conversation
| Component | Technology |
|---|---|
| Framework | Spring Boot 3.5.6 |
| Database | MySQL 8.0 |
| ORM | JPA/Hibernate |
| Security | BCrypt Password Hashing |
| Build Tool | Maven |
| API Style | RESTful |
| Component | Technology |
|---|---|
| Core | Vanilla JavaScript (ES6 Modules) |
| UI Framework | Bootstrap 5 |
| Icons | Bootstrap Icons |
| HTTP Client | Fetch API |
| Architecture | MVC Pattern |
users # User accounts
items # Items for lending/selling
requests # Borrowing/buying requests
messages # User-to-user messages
notifications # Activity notificationsUsers (users)
- Fields: id, name, email, password, department, registration_number, year_of_study
- Relations: β items (one-to-many), β requests (one-to-many)
Items (items)
- Fields: id, name, description, category, type, status, urgency, image_url, owner_id
- Types: LEND, SELL
- Status: AVAILABLE, SOLD, RETURNED, UNAVAILABLE
Requests (requests)
- Fields: id, item_id, requester_id, status, timestamps
- Status: PENDING, ACCEPTED, REJECTED, DONE
- Tracking: lent_at, received_at, completed_at
- Confirmations: lender_marked_as_lent, borrower_confirmed_receipt
Messages (messages)
- Fields: id, request_id, sender_id, receiver_id, content, sent_at
Notifications (notifications)
- Fields: id, recipient_id, notification_type, message, is_read, timestamps
β Authentication & Authorization
- BCrypt password hashing (10 rounds)
- Session-based authentication
- Ownership verification for all actions
β Input Validation
- Frontend validation
- Backend validation with custom exceptions
- SQL injection prevention (JPA/Hibernate)
β XSS Prevention
- DOM-based rendering (no innerHTML for user content)
- Content sanitization
β CORS Configuration
- Controlled origins
- Credentials support
β Error Handling
- Global exception handler
- Custom exception types
- User-friendly error messages
POST /api/auth/signup Create new account
POST /api/auth/login User login
GET /api/items Browse all items
GET /api/items/{id} Get item by ID
POST /api/items Create new item
PUT /api/items/{id} Update item
DELETE /api/items/{id} Delete item
GET /api/items/user/{userId} Get user's items
GET /api/requests/user/{userId} Get user's sent requests
GET /api/requests/received/{userId} Get received requests
GET /api/requests/user/{userId}/accepted Get accepted requests
POST /api/requests Create request
PUT /api/requests/{id}/status Update request status
PUT /api/requests/{id}/done Mark as done
PUT /api/requests/{id}/mark-as-lent Owner marks as lent
PUT /api/requests/{id}/confirm-receipt Borrower confirms receipt
PUT /api/requests/{id}/confirm-return Confirm return
GET /api/messages/user/{userId} Get user messages
GET /api/messages/request/{requestId} Get request messages
POST /api/messages/send/{requestId} Send message
GET /api/notifications/{userId} Get notifications
PUT /api/notifications/{id}/read Mark as read
DELETE /api/notifications/{id} Delete notification
GET /api/users/{userId} Get profile
PUT /api/users/{userId} Update profile
Port 8080 Already in Use
# Find process using port 8080
netstat -ano | findstr :8080
# Kill the process
taskkill /PID <PID> /F
# Restart backend
mvn spring-boot:runDatabase Connection Error
- Check MySQL is running
- Verify credentials in
application.yml - Ensure database
gotyourbackexists
Compilation Errors
# Clean and rebuild
mvn clean compileAPI Calls Failing
- Check backend is running on port 8080
- Open browser console (F12) for errors
- Verify CORS settings
Not Loading Data
- Clear browser cache
- Check if logged in (localStorage has userId)
- Verify API endpoints in api-config.js
Images Not Showing
- Check image URLs are valid
- Verify CORS for image sources
- Sign up new user
- Login with credentials
- Post LEND item
- Post SELL item
- Browse and search items
- Send request to item
- Accept/reject requests
- Mark as lent
- Confirm receipt
- Send/receive messages
- Check notifications
- Mark as done
- Confirm return (both parties)
- Verify item reappears in browse
- Cannot request own item
- Cannot accept own request
- Duplicate requests prevented
- Proper status transitions
- Ownership verification enforced
- β Added "Mark as Lent" feature for owners
- β Added "Confirm Receipt" feature for borrowers
- β Full handover process tracking
- β Enhanced notifications for all workflow steps
- β Database schema updated with lent/receipt fields
- β Dual return confirmation (borrower + lender)
- β Automatic item availability after confirmation
- β Completed items removed from browse
- β Fixed duplicate notification bug
- β Removed wildcard CORS
- β Added XSS prevention
- β Implemented ownership verification
- β Added custom exceptions
- β Core lending/selling functionality
- β User authentication
- β Messaging system
- β Basic notifications
- Fork the repository
- Create feature branch (
git checkout -b feature/AmazingFeature) - Commit changes (
git commit -m 'Add AmazingFeature') - Push to branch (
git push origin feature/AmazingFeature) - Open Pull Request
This project is for educational purposes as part of academic coursework.
Project Team: SRM Students Repository: atharvpatil18/GotYourBack
For issues or questions:
- Check existing GitHub issues
- Review troubleshooting section
- Contact project maintainers
Built with β€οΈ for campus communities