MOHPortalTest-AllAgents-AllLangs/qwen/go/README.md

# MerchantsOfHope.org Recruiting Platform

This is the official recruiting platform for MerchantsOfHope.org, designed to connect talented professionals with opportunities across TSYS Group's diverse business lines.

## Architecture Overview

The platform implements a multi-tenant architecture to support TSYS Group's dozens of independent business lines, each with complete data isolation. Key features include:

- Multi-tenant architecture with data isolation
- OIDC and social media login support
- Job seeker functionality (browse positions, apply, upload resumes)
- Job provider functionality (manage positions, applications)
- Full accessibility compliance (WCAG 2.1 AA standards)
- Security compliance (PCI, GDPR, SOC, FedRAMP)

## Technology Stack

- Backend: Go with Gin framework
- Database: PostgreSQL with GORM
- Authentication: OIDC and OAuth2
- Session Management: Redis
- Frontend: HTML/CSS/JS with accessibility focus
- Containerization: Docker and Docker Compose

## Security & Compliance

The platform implements several security measures to ensure compliance with industry standards:

- PCI DSS compliance for handling any sensitive data
- GDPR compliance for EU data protection
- SOC 2 compliance for security, availability, and privacy
- FedRAMP compliance for government cloud requirements
- Content Security Policy (CSP) headers
- Rate limiting and audit logging
- Secure authentication with OIDC
- Data residency controls

## Project Structure

```
qwen/go/
├── cmd/
├── api/
├── db/                 # Database connection and migrations
├── models/             # Data models
├── middleware/         # Authentication and authorization
├── handlers/           # HTTP request handlers
├── services/           # Business logic
├── utils/              # Utility functions
├── config/             # Configuration management
├── security/           # Security controls and compliance
├── templates/          # HTML templates
├── static/             # Static assets (CSS, JS, images)
├── tests/              # Test files
├── main.go             # Entry point
├── go.mod, go.sum      # Go modules
├── Dockerfile          # Container configuration
└── docker-compose.yml  # Service orchestration
```

## Running the Application

The application is designed to run in Docker containers. To start the application:

1. Ensure Docker and Docker Compose are installed
2. Navigate to the `qwen/go` directory
3. Run `docker-compose up --build`

The application will be available at `http://localhost:17000`.

## API Endpoints

- `GET /health` - Health check
- `POST /api/v1/auth/login` - User login
- `POST /api/v1/auth/register` - User registration
- `GET /api/v1/positions` - Browse job positions
- `POST /api/v1/positions` - Create job position (job providers)
- `POST /api/v1/applications` - Apply to position
- `POST /api/v1/resumes` - Upload resume

## Compliance Features

The platform includes several features to ensure compliance with regulatory requirements:

### GDPR Compliance
- Data residency controls
- User consent mechanisms
- Right to deletion implementations
- Privacy policy integration

### Security Controls
- Role-based access control
- API rate limiting
- Content security policy
- Audit logging
- Secure authentication

### Accessibility
- WCAG 2.1 AA compliance
- Semantic HTML structure
- Proper ARIA labels
- Keyboard navigation
- Sufficient color contrast

## Development

To run tests:
```bash
go test ./tests/...
```

For local development, you can run the application directly:
```bash
go run main.go
```

Note: This requires Go 1.21+, PostgreSQL, and Redis to be installed and running locally.

## Deployment

The platform is designed for containerized deployment. The docker-compose.yml file includes all necessary services:

- Application server
- PostgreSQL database
- Redis for session management
- Nginx as reverse proxy
- Keycloak for OIDC

For production deployment, ensure all security configurations are properly set and consider using Kubernetes for orchestration.