- Move admin credentials from hardcoded values to configuration
- Add rate limiting (5/min) to login endpoint for brute force protection
- Extract CleanJsonResponse to shared JsonResponseHelper class
- Add DateHelpers.MonthsBetween utility and consolidate date calculations
- Update PdfReportService to use ScoreThresholds constants
- Remove 5 unused shared components (EmploymentTable, FlagsList, etc.)
- Clean up unused CSS from MainLayout.razor.css
- Create IPdfReportService interface for better testability
- Add authentication requirement to Hangfire dashboard in development
- Seal EducationVerifierService class
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Ensures fresh API lookups each time the app starts, avoiding stale
cached results that may have been stored before matching improvements.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add QuestPDF library for professional PDF generation
- Create PdfReportService with formatted table layout
- Export includes score (color-coded), verified employers, gaps, and flags
- Report has header, footer with page numbers, and alternating row colors
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Features:
- Add UK institution recognition (170+ universities)
- Add diploma mill detection (100+ blacklisted institutions)
- Add education verification service with date plausibility checks
- Add local file storage option (no Azure required)
- Add default admin user seeding on startup
- Enhance Serilog logging with file output
Security fixes:
- Fix path traversal vulnerability in LocalFileStorageService
- Fix open redirect in login endpoint (use LocalRedirect)
- Fix password validation message (12 chars, not 6)
- Fix login to use HTTP POST endpoint (avoid Blazor cookie issues)
Code improvements:
- Add CancellationToken propagation to CV parser
- Add shared helpers (JsonDefaults, DateHelpers, ScoreThresholds)
- Add IUserContextService for user ID extraction
- Parallelized company verification in ProcessCVCheckJob
- Add 28 unit tests for education verification
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Docker configuration:
- Dockerfile: Multi-stage build with non-root user, health checks
- Dockerfile.migrations: Runs EF Core migrations on startup
- docker-compose.yml: Full stack with SQL Server, Azurite, app
- .dockerignore: Optimized build context
- .env.example: Template for API keys
Application changes:
- Added /health endpoint with EF Core database check
- Conditional HTTPS redirect (disabled in containers)
- DOTNET_RUNNING_IN_CONTAINER environment detection
Usage:
  cp .env.example .env   # Add your API keys
  docker-compose up -d   # Start all services
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Clean architecture solution with:
- Domain: Entities (User, CVCheck, CVFlag, CompanyCache) and Enums
- Application: Service interfaces, DTOs, and models
- Infrastructure: EF Core, Identity, Hangfire, external API clients, services
- Web: Blazor Server UI with pages and components
Features:
- CV upload and parsing (PDF/DOCX) using Claude API
- Employment verification against Companies House API
- Timeline analysis for gaps and overlaps
- Veracity scoring algorithm
- Background job processing with Hangfire
- Azure Blob Storage for file storage
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>