MerchantsOfHope.org - Recruiting Platform
This is the official repository for MerchantsOfHope.org, the recruiting platform for TSYS Group.
Overview
MerchantsOfHope.org is designed to handle:
- Multiple independent tenants (TSYS Group has dozens of lines of business, all fully isolated from each other)
- OIDC and social media login
- Job seekers browsing positions and posting resumes/going through the application process
- Job providers managing the lifecycle of positions and applications
Tech Stack
- Language: Hack (PHP)
- Framework: Slim Framework 4
- Container: Docker
- Deployment: Kubernetes-ready
Architecture
- Multi-tenant architecture ensuring complete isolation between different business lines
- OIDC and social login integration
- Compliance-ready with USA law, accessibility standards, PCI, GDPR, SOC, and FedRAMP
Development
- Clone this repository
- Install dependencies with
composer install - Set up environment variables in
.env - Run with Docker Compose
Port Assignment
This service runs on port 18000 as per the project requirements.
Testing
The project follows Test Driven Development (TDD) methodology. Run tests with:
composer test
Security & Compliance
This project implements:
- Accessibility features for US Government contracts
- PCI DSS compliance
- GDPR compliance
- SOC compliance
- FedRAMP compliance
- USA law compliance
API Documentation
Authentication Endpoints
POST /api/auth/login- Authenticate userPOST /api/auth/logout- Logout userPOST /api/auth/register- Register new userGET /auth/google/callback- Google OAuth callbackGET /auth/github/callback- GitHub OAuth callback
Job Endpoints
GET /api/jobs- List all jobs with optional filtersGET /api/jobs/{id}- Get specific jobPOST /api/jobs- Create new job (for job providers)PUT /api/jobs/{id}- Update job (for job providers)DELETE /api/jobs/{id}- Delete job (for job providers)GET /api/my-jobs- Get jobs for current tenant (for job providers)
Application Endpoints
POST /api/applications- Apply for a jobGET /api/my-applications- Get applications for current userGET /api/jobs/{id}/applications- Get applications for a specific job (for job providers)
Database Schema
The application uses PostgreSQL with the following main tables:
tenants- Stores tenant informationusers- Stores user accountsjobs- Stores job postingsapplications- Stores job applicationsaudit_logs- Stores compliance audit logs
Environment Variables
The application expects the following environment variables (defined in .env):
APP_NAME- Application nameAPP_VERSION- Application versionAPP_ENV- Environment (development, production)DEBUG- Enable debug modeTIMEZONE- Application timezoneDB_HOST- Database hostDB_NAME- Database nameDB_USER- Database userDB_PASS- Database passwordDB_PORT- Database portJWT_SECRET- Secret for JWT tokensSESSION_LIFETIME- Session lifetime in secondsTENANT_ISOLATION_ENABLED- Enable tenant isolationACCESSIBILITY_ENABLED- Enable accessibility featuresGDPR_COMPLIANCE_ENABLED- Enable GDPR compliancePCI_DSS_COMPLIANCE_ENABLED- Enable PCI DSS complianceGOOGLE_CLIENT_ID- Google OAuth client IDGOOGLE_CLIENT_SECRET- Google OAuth client secretGITHUB_CLIENT_ID- GitHub OAuth client IDGITHUB_CLIENT_SECRET- GitHub OAuth client secretMAIL_HOST- Mail server hostMAIL_PORT- Mail server portMAIL_USERNAME- Mail server usernameMAIL_PASSWORD- Mail server passwordMAIL_ENCRYPTION- Mail server encryption method
Docker Configuration
The application is configured to run with Docker and Docker Compose, including:
- Application service
- PostgreSQL database
- Redis for caching/session storage
- MailHog for development email testing
- Nginx as a reverse proxy
Kubernetes Deployment
The application is designed for Kubernetes deployment with:
- Proper resource requests and limits
- Health checks
- Configuration via ConfigMaps and Secrets
- Service definitions for internal and external access
- Ingress configuration for routing