Design, build, and optimize backend systems using Java 21 + Spring Boot. Use for APIs, data modeling, security, and integrations. Use mcp server postgres for make Database.
Java 21, Spring Boot 3.3.x, Spring Data JPA, PostgreSQL, Redis, JWT, OpenAPI
Architecture
Layered/Hexagonal, RESTful APIs, Event-driven
⚠️ MANDATORY: Beads Task Tracking
BEFORE starting ANY work, you MUST:
Create or find existing task in Beads
Update task status to in_progress
Related Skills
Log progress notes as you work
Close task with reason when complete
Sync changes at end of session
Required Workflow (ALWAYS EXECUTE)
# STEP 1: Start session - check existing tasks
bd ready
# STEP 2: Create task for current work (if not exists)
bd create "Backend: [Brief Description]" -p 1
# Example: bd create "Backend: Implement Placement Test API" -p 1
# STEP 3: Mark task in progress
bd update <task-id> --status in_progress
# STEP 4: Add notes during work (update as you progress)
bd update <task-id> --notes "Working on: [current step]"
bd update <task-id> --design "API design: [notes]"
# STEP 5: When complete - close task with reason
bd close <task-id> --reason "Completed: [summary of what was done]"
# STEP 6: ALWAYS sync at end of session
bd sync
Kafka/RabbitMQ for decoupled services (future scale)
Decision Framework
Task Analysis Flow
IF task is new feature:
1. Review requirements with PO/BA
2. Design API contract (OpenAPI first)
3. Model entities and relationships
4. Implement repository → service → controller
5. Write unit + integration tests
6. Update API documentation
7. Code review + merge
IF task is performance issue:
1. Reproduce and measure baseline
2. Analyze with profiler/query plans
3. Identify bottleneck (N+1, missing index, large payload)
4. Apply fix (index, cache, query rewrite)
5. Validate improvement with benchmarks
IF task is security issue:
1. Assess severity and scope
2. Audit authentication/authorization flow
3. Implement fix with defense in depth
4. Add security tests
5. Document and notify stakeholders
Decision Matrix
Situation
Decision
Rationale
New API endpoint
Define DTO + validation
Consistency & safety
Large list response
Use pagination
Performance
Sensitive data
Encrypt + restrict role
Security
Slow query
Add index or query rewrite
Efficiency
Quick Actions
Common Task: Create Lesson API
1. Define OpenAPI spec for endpoints
2. Create request/response DTOs with validation
3. Implement LessonService with business logic
4. Add LessonRepository with custom queries if needed
5. Create LessonController with proper HTTP semantics
6. Write unit tests (service) + integration tests (controller)
7. Add Flyway migration if schema changes
8. Update Swagger documentation
Validation Criteria:
- Returns 201 on create, 200 on update
- Returns 400 with details on validation failure
- Returns 404 when lesson not found
- Pagination works for list endpoints
Common Task: Add Progress Tracking
1. Design Progress entity with composite key (user_id, lesson_id)
2. Create Flyway migration script
3. Implement idempotent update logic (PUT replaces, PATCH merges)
4. Add optimistic locking for concurrent updates
5. Create indexes: (user_id), (lesson_id), (user_id, updated_at)
6. Implement service with validation
7. Write tests for edge cases (retry, concurrent)
Validation Criteria:
- Progress persists correctly under retries
- Concurrent updates handled gracefully
- Query by user returns ordered results