MovieMingle is a web application that recommends movies to users based on their preferences. The app enhances the viewing experience through predictions using machine learning techniques. With an easy-to-use interface and a modern, attractive design, MovieMingle becomes the ideal partner for film enthusiasts looking for new movies that suit their tastes. Whether you prefer dramas, comedies, or thrillers, the app will provide recommendations that meet your expectations.
▎FOR - For people passionate about the world of cinematography.
▎WHO - The users who are looking for new movies tailored to their unique preferences.
▎PRODUCT NAME - MovieMingle is a web app designed to provide movie recommendations.
▎THAT - Our app is a user-friendly tool for those times when you feel like you've run out of movies to watch.
▎UNLIKE - Unlike other platforms that do not provide personalized movie recommendations.
▎OUR PRODUCT - Our app provides customized movie suggestions based on your individual preferences, making it easy to find what to watch next.
- As a potential user, I want to create a personal account on the platform, so that I can use this application.
- As a user, I want to log in to my MovieMingle account, so that I can access my profile.
- As a new user, I want an intuitive interface, so that I can navigate quickly through the app.
- As a user, I want to browse through the movie collection, so that I can explore them.
- As a casual movie watcher, I want to check the movies I have already watched, so that I could further review them.
- As a registered user, I want to rate movies after watching them, so that the app can provide recommendations in the future.
- As a user, I want to be able to edit my watched list, so that I can prevent possible mistakes.
- As a user, I want to be able to edit my reviews, so that I can update them if I change my mind.
- As a cinephile, I want to ask for personalized movie recommendations, so that I can easily find films that match my unique taste.
- As a user, I want a comprehensive analytics dashboard, so that I can have an insight into my movie watching habits.
User Story: As a potential user, I want to create a personal account on the platform, so that I can use this application.
Requirements:
- Implement a "Sign Up" button on the landing page.
- Create a registration form with fields for username, email, password, and any other necessary information.
- Validate user input and provide feedback for errors.
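User Story: As a user, I want to log in to my MovieMingle account, so that I can access my profile.
Requirements: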
- Implement a "Login" button on the landing page.
- Create a login form with fields for email and password.
- Validate user credentials and provide feedback for incorrect logins.
User Story: As a new user, I want an intuitive interface, so that I can navigate quickly through the app.
Requirements:
- Design a user-friendly interface with clear navigation menus and icons.
- Conduct usability testing to ensure intuitive navigation.
User Story: As a user, I want to browse through the movie collection, so that I can explore them.
Requirements:
- Display a searchable and filterable movie collection on the movie page.
- Implement filters for genres and other attributes.
- Allow users to view movie details upon selection.
User Story: As a casual movie watcher, I want to check the movies I have already watched, so that I could further review them.
Requirements:
- Create a "Watched Movies" page in the user menu.
- Display a list of movies with titles, ratings, etc.
- Provide options to view details or edit the watched list.
User Story: As a registered user, I want to rate movies after watching them, so that the app can provide recommendations in the future.
Requirements:
- Allow users to rate movies on a scale (e.g., 1 to 5 stars).
- Implement a system to record and save ratings associated with user profiles.
- Use ratings to influence future movie recommendations.
User Story: As a user, I want to be able to edit my watched list, so that I can prevent possible mistakes.
Requirements:
- Implement an "Edit" option for each movie in the "Watched Movies" section.
- Allow users to add or remove movies from the watched list.
User Story: As a user, I want to be able to edit my reviews, so that I can update them if I change my mind.
Requirements:
- Allow users to access their reviews from the movie profile.
- Implement an "Edit Review" option to modify existing reviews.
- Save updated reviews and display them correctly.
User Story: As a cinephile, I want to ask for personalized movie recommendations, so that I can easily find films that match my unique taste.
Requirements:
- Implement a recommendation algorithm based on user preferences and ratings.
- Provide a page for recommended movies.
User Story: As a user, I want a comprehensive analytics dashboard, so that I can have an insight into my movie watching habits.
Requirements:
- Design an analytics dashboard that summarizes viewing statistics (e.g., genres watched, time spent).
- Implement an "Update" button that allows users to refresh the analytics data on demand.
Feature | Functionalities |
---|---|
Account | - Create - Login/Logout - Delete |
Landing Page | - Look up movie content - Navigate through menu - Explore recommended/randomized movie list |
Movie Profile | - Create a movie profile - Add/Edit rating of the movie |
Watched Movie List | - Add new watched movies - Open a movie profile - Browse through movie list - Filter based on movie genres |
To-Watch Movie List | - Add any movie from the database - Delete movie from the list - Browse through movie list - Transfer movie from to-watch to watched list - Filter based on movie genres |
Recommended Movie List | - Filter based on movie genres - Add a movie to the to-watch list - Browse through movie list - Press "Surprise Me" button - Filter based on other users' ratings |
Surprise Me Page | - Discover new movie - Add the movie to the to-watch list |
Movie Preferences Dashboard Page | - View analyzed ranked movie preferences by genre - Track viewing time - Explore personalized insights |
Valentina is 28, a vegan activist in her free time, and works as a barista at Ototo on Victoriei Street. She’s also passionate about cinema and dislikes the capitalist concepts of big platforms like Netflix or HBO. However, she wishes for an easy-to-use, high-performing tool that can suggest films when she runs out of ideas, with recommendations that fit her unique tastes. That’s when she discovers MovieMingle, an app that puts the user first and focuses on their needs rather than following the principles of a profit-driven society. Now, Valentina can enjoy discovering new films weekly without contributing to the financing of unethical companies.
Flavius wants to spend more time with his grandfather, Gigel, while staying with him during winter break. What better way to bond than watching a movie together! Unfortunately, Flavius realizes he has no idea what to pick, and with Gigel being too old to know the latest popular films, they need another way to find a suitable recommendation. Luckily, Flavius heard from classmates about MovieMingle, an app that provides film suggestions based on unique preferences! Even better, MovieMingle allows users to filter recommended movies by genre, ensuring they can find a family-friendly, PG-13 option. Thanks to MovieMingle, Flavius and his grandfather can enjoy a cozy movie night together by the warmth of the fireplace.
Alin is a third-year student at the Faculty of Mathematics and Computer Science, feeling stressed with his thesis and part-time corporate job. Since stress makes him less productive, he wants to unwind with a movie to forget about the struggles of student life. He tries to browse Netflix but feels overwhelmed by the number of options, and with his mind elsewhere, he doesn’t have the patience to pick a movie on his own. Then, a great idea pops up: "I’ve heard about MovieMingle! I can just go there and see what it recommends based on my viewing history. I don’t have to waste time searching or risk picking a film I won’t like. And if I’m in the mood for something unusual, I can let it surprise me with a completely random movie!" Thanks to MovieMingle, Alin’s evening is saved, bringing him a moment of calm along with a hot coffee and cheesy, salted popcorn.
Maricica, a 40-year-old woman, had an argument with her husband, Marcel, 48, sending him to sleep on the couch. Wanting to tune out her husband’s loud snores, she decides to watch something that aligns with her comfort zone. This way, she can quickly focus on the movie’s action, and the background noise fades out. But how can she do this without wasting time searching for a movie when she can barely concentrate on picking one? With MovieMingle, she doesn’t have to do anything—the app suggests movies that can help drown out the unpleasant, noisy moments in life! (Plus, it recommends comforting movies to relax to on the couch.)
Marnela, a single mother with three kids, struggles daily with household chores, especially cooking for her family. One evening, while preparing dinner, her youngest child starts crying uncontrollably. As she tries to soothe him, she smells something burning from the kitchen. Panicking, she rushes to the stove to find that two hours of work have gone to waste. After a minor breakdown, she calls Domino's for pizza, planning a family movie night instead. But which movie would be suitable to keep her kids entertained? She texts her cousin, who recommends MovieMingle—a tool to discover personalized movies that she can filter by genre. Marnela feels overjoyed; now she can finally relax on the couch and enjoy a captivating movie night with her family.
You can view the project backlog on GitHub by clicking here.
No. | Task Description | Priority | Estimated Time |
---|---|---|---|
1 | Create a basic Spring Boot project | High | November |
2 | Create a database | High | November |
3 | Create a register/login page and implement the register/login functionalities | High | end of November |
4 | Implement CRUD for movies and implement CRUD for reviews | High | December |
5 | Implement the ML algorithm | High | December |
6 | Create landing page for users and create a personal profile page | Medium | December |
7 | Create a navigation bar and create a menu for logged users | Medium | end of December |
8 | Create the view for movie recommendations and implement filtering options for the movies lists | Medium | end of December |
9 | Implement the "Surprise Me" functionality and create a dedicated Surprise Me page | Medium | January |
10 | Enable adding movies from the Surprise Me section to the to-watch list and enable adding movies from the to-watch list to the watched list | Medium | January |
11 | Create the dashboard analytics page and implement dashboard analytics functionalities | Low | January |
12 | Create a prototype design in Figma and implement the design | Low | January |
13 | Ensure responsiveness functionality for the design and create a logo for our app | Low | January |
- Spring Boot Framework: Core Java framework powering the application architecture through controllers (HTTP request handling), services (business logic), and models (data structure)
- MySQL: Local database system storing application data, working with JPA Repository for streamlined database operations without complex SQL queries
- Security Implementation:
  - JWT (JSON Web Tokens) for secure authentication and session management
  - CSRF protection against malicious attacks
  - Google OAuth2 integration for Google account sign-in functionality
- Data Transfer Objects (DTOs): Manage efficient data transfer between frontend and backend layers
- Java Database Seeder: Handles database initialization with starter data for development and testing
- Thymeleaf: Server-side Java template engine
- HTML, JavaScript, and CSS
- TMDB API: Provides real-time movie data, ratings, and cinema information
MovieMingle is a web application designed for movie enthusiasts of all tastes. It provides personalized movie recommendations based on user ratings and offers endless opportunities to explore the vast world of cinema using TMDB’s extensive movie database. Users can effortlessly organize their movie lists into categories such as Watched, To Watch, Favorites, and Rated, making it easier to plan their next movie night. Additionally, the dashboard analytics section allows them to track their viewing activity.
Our final product aligns closely with our initial vision while incorporating enhancements such as API integration for fetching detailed movie information and seeders to populate our database. We also introduced new features, including a Favorites and Rated movies list and Google OAuth integration, elevating the user experience.
- Users must be able to create an account using email and password and log in securely.
- Users must be able to view their profile, including their movie lists:
  - Watched
  - To Watch
  - Favourite
  - Rated
- Users must be able to edit their profile and update their movie ratings.
- Users must be able to view a personalized dashboard based on their watched movies.
- Users must be able to view a list of top-watched and top-rated movies.
- Users must be able to access detailed information about a movie, including:
  - Title
  - Genre
  - Description
  - Ratings
  - Cast
- Users must be able to add movies to their personal lists:
  - Watch
  - Favourite
  - Rated
  - To Watch
- Users must be able to rate a movie on a scale of 1-10 stars.
- Users must be able to search for a movie by title.
- Users must be able to filter movies by genres (e.g., Fiction, Comedy).
- The system must support user authentication and guarantee that passwords are securely managed, utilizing at least basic encryption or hashing techniques.
- The application should deliver a responsive experience, ensuring that movie searches and list loading happen with minimal delay.
- The system should be optimized for Google Chrome and Microsoft Edge, with no requirement for adaptation to other browsers.
Our MovieMingle application has been thoroughly tested using four types of testing strategies. These tests ensure that every component works as expected and that the overall user experience is smooth and reliable.
Unit tests are designed to verify the correctness of individual methods and functions. For MovieMingle, we have implemented 50 unit tests covering key functionalities such as matrix building, user registration, password handling, movie favourites, rating management, and secure token management. Every test case checks for expected results, and all tests have passed. Below is a summary table of our main unit test cases:
Test Case | Expected Result | Status |
---|---|---|
`testBuildMatrix` | Matrix built successfully | Passed |
`testRatingMatrix` | Rating matrix correctly computed | Passed |
`testTrainModel` | Model trained successfully | Passed |
`testRecommendMovies` | Movies recommended accurately | Passed |
`testUpdateRating` | Rating updated correctly | Passed |
`testForgottenPassword_Success` | Reset password email sent | Passed |
`testForgottenPassword_UserNotFound` | User not found error handled | Passed |
`testUpdatePassword_Success` | Password updated successfully | Passed |
`testUpdatePassword_InvalidToken` | Invalid token error handled | Passed |
`testUpdatePassword_ExpiredToken` | Expired token error handled | Passed |
`testUpdatePassword_UserNotFound` | User not found error handled | Passed |
`testSendResetPasswordEmail_Success` | Reset password email sent | Passed |
`testRegister_UserAlreadyExists` | Duplicate user error handled | Passed |
`testRegister_Success` | User registered successfully | Passed |
`testEncodePassword` | Password encoded correctly | Passed |
`testSendRegistrationConfirmationEmail_Success` | Confirmation email sent | Passed |
`testCheckIfUserExist_UserExists` | User exists validation passed | Passed |
`testCheckIfUserExist_UserDoesNotExist` | No user found as expected | Passed |
`testAddMovieToFavourites_UserNotFound` | User not found error handled | Passed |
`testAddMovieToFavourites_MovieAlreadyInFavourites` | Duplicate movie error handled | Passed |
`testAddMovieToFavourites_NewMovie` | New movie added to favourites | Passed |
`testIsMovieFavourite_MovieNotInFavourites` | Movie not in favourites verified | Passed |
`testIsMovieFavourite_MovieInFavourites` | Movie in favourites confirmed | Passed |
`testRemoveFromFavourites_UserNotFound` | User not found error handled | Passed |
`testRemoveFromFavourites_MovieNotFound` | Movie not found error handled | Passed |
`testRemoveFromFavourites_MovieNotInFavourites` | Movie not in favourites handled | Passed |
`testRemoveFromFavourites_Success` | Movie removed successfully | Passed |
`testGetUserFavouriteMovies` | Favourite movies retrieved | Passed |
`testGetUserDashboardStats` | Dashboard stats computed correctly | Passed |
`testGetUserDashboardStats_NoData` | No data scenario handled correctly | Passed |
`testCreateSecureToken` | Secure token created | Passed |
`testSaveSecureToken` | Secure token saved | Passed |
`testFindByToken` | Token found successfully | Passed |
`testFindByToken_NotFound` | Token not found handled | Passed |
`testRemoveToken` | Token removed successfully | Passed |
`testRemoveTokenByToken` | Token removed by identifier | Passed |
`testGetTokenValidityInSeconds` | Token validity computed correctly | Passed |
`testAddRating_UserNotFound` | User not found error handled | Passed |
`testAddRating_NewMovie` | Rating added for a new movie | Passed |
`testAddRating_ExistingMovie` | Existing movie rating updated | Passed |
`testRemoveRating_UserNotFound` | User not found error handled | Passed |
`testRemoveRating_MovieNotFound` | Movie not found error handled | Passed |
`testRemoveRating_RatingNotFound` | Rating not found error handled | Passed |
`testRemoveRating_Success` | Rating removed successfully | Passed |
`testGetAverageRating_NoRatings` | No ratings scenario handled | Passed |
`testGetAverageRating_WithRatings` | Average rating computed accurately | Passed |
`testGetUserRating_RatingNotFound` | Rating not found error handled | Passed |
`testGetUserRating_Success` | User rating retrieved successfully | Passed |
`testGetUserRatedMovies_NoRatings` | No rated movies scenario handled | Passed |
`testGetUserRatedMovies_WithRatings` | Rated movies retrieved correctly | Passed |
Integration tests validate the interactions between different modules, ensuring that controllers, HTTP request URIs, and other components work seamlessly together. For MovieMingle, we have implemented 17 integration tests that simulate real-world user interactions (including authentication and secured endpoints) and validate overall system performance. In these tests, we used an in-memory H2 database to simulate the database environment, ensuring fast and isolated testing. All integration tests have passed. Here is an overview of the main integration test cases:
Test Case | Expected Result | Status |
---|---|---|
`testUserLogin` | User is able to log in successfully | Passed |
`testGetUserByEmail` | User retrieved correctly by email | Passed |
`testIsMovieWatched` | Movie watched status verified | Passed |
`testAddMovieToWatched` | Movie added to the watched list successfully | Passed |
`testAddMovieToWatched_AlreadyWatched` | Already watched movie is handled appropriately | Passed |
`testLoadUserByUsername_UserExists` | User details loaded successfully | Passed |
`testLoadUserByUsername_UserDoesNotExist` | Non-existent user error handled | Passed |
`testGetUserDashboardStats` | Dashboard stats returned accurately | Passed |
`testForgottenPassword_UserDoesNotExist` | Forgotten password for non-existent user handled | Passed |
`testUpdatePassword_ValidToken` | Password updated with a valid token | Passed |
`testUpdatePassword_InvalidToken` | Invalid token error handled during password update | Passed |
`testGetProfilePage_UserAuthenticated` | Authenticated user can access profile page | Passed |
`testUpdateAvatar_ValidRequest` | Avatar updated successfully after a valid request | Passed |
`testUpdateAvatar_InvalidRequest` | Invalid avatar update request handled correctly | Passed |
`testGetProfilePage_UserNotAuthenticated` | Non-authenticated user is denied access | Passed |
`testIsMovieToWatch_True` | Movie marked to watch is confirmed | Passed |
`testAddMovieTotoWatch_Success` | Movie added to the watch list successfully | Passed |
In addition to automated tests, comprehensive manual testing was conducted to simulate real user interactions. Manual testing allowed us to validate:
- Edge cases that automated tests might not fully capture.
- User interface flows and overall usability.
- Error scenarios to ensure proper error handling and messaging.
This approach ensured that the application behaves as expected in real-world scenarios and provides a seamless user experience.
Performance testing was executed using Lighthouse via the browser's Inspect tool. This allowed us to assess:
- Page load times
- Responsiveness
- Accessibility
- Adherence to best practices
The insights gathered from Lighthouse helped us optimize the MovieMingle application for better performance and a superior user experience. The performance tests confirmed that the application remains efficient even under high load.
Overall, our comprehensive testing strategy—including unit tests, integration tests, manual tests, and performance tests—ensures that MovieMingle is robust, efficient, and reliable. All test cases have passed, guaranteeing that the application meets high standards of quality and performance. 😀
MovieMingle implements Spring Security for authentication, supporting both email/password login and OAuth2 (Google). Password reset is secured via token-based validation. This analysis aligns with OWASP Top 10 security risks, identifying key risks and recommending improvements to enhance overall system security.
✔ Strengths:
- Uses BCrypt hashing for strong password protection.
- Password validation enforces regular expressions to prevent weak passwords.
⚡ Improvements:
- Set BCrypt cost factor to 12+ to enhance brute-force resistance.
- Implement a password policy validator enforcing stricter password complexity.
✔ Strengths:
- Email verification is required before account activation.
- Tokens are single-use and auto-deleted upon verification.
⚡ Improvements:
- Schedule clean-up of expired tokens to optimize database performance.
- Enforce token expiration (e.g., 24 hours) to limit prolonged access.
✔ Strengths:
- Password reset is token-based and secured via email verification.
- Reset tokens are deleted immediately after use, preventing reuse.
⚡ Improvements:
- Set token expiration (e.g., 30 min) to mitigate unauthorized use.
- Ensure only one active reset token per user at any time.
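The token improvements listed above (a fixed expiry, one active token per user, single use, and a scheduled clean-up of expired tokens) can be sketched as follows. This is an added example, not MovieMingle's own code: the class `ResetTokenStore`, its method names, the in-memory maps and the choice to store only a SHA-256 hash of each token are assumptions, and it targets Java 17 or later.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.util.Base64;
import java.util.HashMap;
import java.util.HexFormat;
import java.util.Map;
import java.util.Optional;

/** Hypothetical in-memory reset-token store; a real service would persist the same fields. */
public class ResetTokenStore {
    private static final Duration TTL = Duration.ofMinutes(30); // expiry suggested on the page

    private record Entry(String email, Instant expiresAt) {}

    private final SecureRandom random = new SecureRandom();
    private final Map<String, Entry> byTokenHash = new HashMap<>();
    private final Map<String, String> hashByEmail = new HashMap<>();
    private final Clock clock;

    public ResetTokenStore(Clock clock) { this.clock = clock; }

    /** Issues a new token and invalidates any earlier token of the same user. */
    public synchronized String issue(String email) {
        String previous = hashByEmail.remove(email);
        if (previous != null) byTokenHash.remove(previous);

        byte[] raw = new byte[32];                        // 256 bits from a CSPRNG
        random.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        String hash = sha256(token);                      // assumption: only the hash is stored
        byTokenHash.put(hash, new Entry(email, clock.instant().plus(TTL)));
        hashByEmail.put(email, hash);
        return token;                                     // this value goes into the e-mailed link
    }

    /** Consumes a token: yields the owner's e-mail at most once, and only before expiry. */
    public synchronized Optional<String> redeem(String token) {
        String hash = sha256(token);
        Entry entry = byTokenHash.remove(hash);           // deleted on first presentation
        if (entry == null) return Optional.empty();       // unknown, superseded or already used
        hashByEmail.remove(entry.email(), hash);
        if (clock.instant().isAfter(entry.expiresAt())) return Optional.empty();
        return Optional.of(entry.email());
    }

    /** Scheduled clean-up: drops tokens that expired unused and returns how many were removed. */
    public synchronized int purgeExpired() {
        Instant now = clock.instant();
        int before = byTokenHash.size();
        byTokenHash.values().removeIf(e -> now.isAfter(e.expiresAt()));
        hashByEmail.values().removeIf(h -> !byTokenHash.containsKey(h));
        return before - byTokenHash.size();
    }

    private static String sha256(String s) {
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256")
                    .digest(s.getBytes(StandardCharsets.UTF_8));
            return HexFormat.of().formatHex(digest);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(e);           // SHA-256 is mandatory in every JDK
        }
    }

    public static void main(String[] args) {
        ResetTokenStore store = new ResetTokenStore(Clock.systemUTC());
        String first = store.issue("user@example.test");  // constructed sample address
        String second = store.issue("user@example.test"); // replaces the first token
        System.out.println("superseded token accepted: " + store.redeem(first).isPresent());
        System.out.println("current token accepted:    " + store.redeem(second).isPresent());
        System.out.println("reused token accepted:     " + store.redeem(second).isPresent());
    }
}
```

Passing a `Clock` into the constructor lets a unit test move time past the 30-minute limit without sleeping.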
✔ Strengths:
- OAuth2 login is integrated, ensuring a seamless authentication process.
- The application extracts and verifies the user's email as a unique identifier.
⚠ Observations:
- Authentication fails if the OAuth2 provider does not return an email.
⚡ Improvements:
- Add fallback handling for cases where an email attribute is missing.
✔ Strength: CSRF is enabled for user authentication and account-related actions.
⚠ Observations:
- No rate limiting for login attempts, making the system vulnerable to brute force attacks.
- No temporary account lockout mechanism for repeated authentication failures.
🔒 Recommendations:
- Implement rate limiting (e.g., 5 attempts per 10 sec) and temporary account lockout after multiple failures.
- Introduce a captcha challenge (e.g., Google reCAPTCHA) for flagged login attempts.
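One way to implement the rate limit and temporary lockout recommended above, and the same pattern applies to the public-endpoint and token-generation limits recommended later in this analysis. This is an added example, not MovieMingle's own code: the class `LoginThrottle`, its method names, the 15-minute lockout length and the in-memory storage are assumptions, while the 5-attempts-per-10-seconds threshold is the page's example value.

```java
import java.time.Clock;
import java.time.Duration;
import java.time.Instant;
import java.util.ArrayDeque;
import java.util.Deque;
import java.util.HashMap;
import java.util.Map;

/** Hypothetical login throttle: sliding-window failure limit plus temporary lockout. */
public class LoginThrottle {
    private static final int MAX_FAILURES = 5;                       // page's example threshold
    private static final Duration WINDOW = Duration.ofSeconds(10);   // page's example window
    private static final Duration LOCKOUT = Duration.ofMinutes(15);  // assumed lockout length

    // Keys are whatever the caller throttles on: a normalised e-mail, a client IP, or both.
    private final Map<String, Deque<Instant>> failures = new HashMap<>();
    private final Map<String, Instant> lockedUntil = new HashMap<>();
    private final Clock clock;

    public LoginThrottle(Clock clock) { this.clock = clock; }

    /** Call before verifying credentials; false means reject without running BCrypt at all. */
    public synchronized boolean isAllowed(String key) {
        Instant until = lockedUntil.get(key);
        if (until == null) return true;
        if (clock.instant().isBefore(until)) return false;
        lockedUntil.remove(key);                          // lockout has elapsed
        return true;
    }

    /** Call after a failed login; locks the key once the window holds MAX_FAILURES failures. */
    public synchronized void recordFailure(String key) {
        Instant now = clock.instant();
        Deque<Instant> recent = failures.computeIfAbsent(key, k -> new ArrayDeque<>());
        recent.addLast(now);
        Instant cutoff = now.minus(WINDOW);
        while (!recent.isEmpty() && recent.peekFirst().isBefore(cutoff)) {
            recent.removeFirst();                         // forget failures outside the window
        }
        if (recent.size() >= MAX_FAILURES) {
            lockedUntil.put(key, now.plus(LOCKOUT));
            failures.remove(key);
        }
    }

    /** Call after a successful login so earlier typos do not count against the user. */
    public synchronized void recordSuccess(String key) {
        failures.remove(key);
    }

    public static void main(String[] args) {
        LoginThrottle throttle = new LoginThrottle(Clock.systemUTC());
        String key = "user@example.test";                 // constructed sample key
        for (int attempt = 1; attempt <= 6; attempt++) {
            boolean allowed = throttle.isAllowed(key);
            System.out.println("attempt " + attempt + " allowed: " + allowed);
            if (allowed) throttle.recordFailure(key);     // simulate a wrong password
        }
    }
}
```

Throttling on the account and on the client IP separately covers both many guesses against one account and one client trying many accounts; a multi-instance deployment would need shared storage instead of these maps.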
⚠ Observation:
- No Role-Based Access Control (RBAC) is currently implemented, meaning all authenticated users have the same access level.
🔒 Recommendations:
- Introduce RBAC to restrict access to administrative or privileged functionalities.
- Define user roles such as `USER`, `ADMIN`, and potentially `MODERATOR` to enforce least privilege principles.
- Implement Spring Security role-based authorization to control access to specific endpoints.
✔ Strengths:
- API endpoints that modify user data require authentication.
⚠ Observations:
- All TMDb API endpoints are publicly accessible, increasing exposure.
- No rate limiting on public API requests, making them vulnerable to excessive usage.
🔒 Recommendations:
- Apply rate limiting on public endpoints to prevent abuse.
- Implement IP-based throttling for frequently requested APIs.
✔ Strengths:
- Uses efficient API design to handle multiple requests.
⚠ Observations:
- No request rate limiting on login and token generation endpoints.
- Excessive API calls could degrade performance.
🔒 Recommendations:
- Implement IP-based request limiting to prevent abusive behavior.
- Introduce caching mechanisms for frequently requested responses.
- Monitor high request spikes to detect potential DoS attacks.
✔ Strengths:
- Hibernate (JPA) is used for database interactions, which prevents SQL Injection by utilizing prepared statements internally.
- Queries are executed using JPQL (Java Persistence Query Language), ensuring safe query execution without direct SQL manipulation.
- No native queries are used, eliminating risks from manual string concatenation in database queries.
⚠ Potential Risks:
- While Hibernate prevents direct SQL Injection, improper query construction (e.g., dynamic query building with concatenation in JPQL) could still pose a risk.
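The risk noted above, shown as a concatenated JPQL query beside its parameter-bound form. This is an added example, not code from the MovieMingle repository: the `Movie` entity, the `MovieSearch` class and its method names are hypothetical, and the `jakarta.persistence` imports assume Spring Boot 3 (older versions use `javax.persistence`).

```java
import jakarta.persistence.Entity;
import jakarta.persistence.EntityManager;
import jakarta.persistence.Id;
import java.util.List;

@Entity
class Movie {                      // hypothetical entity, reduced to two fields
    @Id Long id;
    String title;

    protected Movie() {}           // JPA requires a no-argument constructor
}

public class MovieSearch {
    private final EntityManager em;

    public MovieSearch(EntityManager em) { this.em = em; }

    // Risky form: the search term becomes part of the JPQL text, so a quote character in
    // the input changes the structure of the query even though no native SQL is written.
    public List<Movie> findByTitleConcatenated(String title) {
        String jpql = "SELECT m FROM Movie m WHERE m.title LIKE '%" + title + "%'";
        return em.createQuery(jpql, Movie.class).getResultList();
    }

    // Hardened form: the JPQL text is a constant and the term travels as a bound parameter,
    // which Hibernate passes to the JDBC driver as a prepared-statement argument.
    public List<Movie> findByTitleBound(String title) {
        return em.createQuery(
                "SELECT m FROM Movie m WHERE m.title LIKE :pattern ESCAPE '!'", Movie.class)
            .setParameter("pattern", "%" + escapeLike(title) + "%")
            .setMaxResults(50)     // assumed cap, keeps one search from returning the whole table
            .getResultList();
    }

    // Binding stops injection but not wildcard abuse: '%' and '_' inside the term would
    // still act as LIKE wildcards, so they are escaped with the '!' declared in ESCAPE.
    static String escapeLike(String term) {
        return term.replace("!", "!!").replace("%", "!%").replace("_", "!_");
    }
}
```

A code-review rule that flags any `createQuery` call whose argument is built with `+` keeps the concatenated form from reappearing.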
⚠ Observations:
- The application currently runs on localhost, so HTTPS enforcement is not required in the development stage.
🔒 Recommendations for Production Deployment:
- Ensure HTTPS is enforced for all external requests when deploying to a live environment.
We set up a CI/CD pipeline using GitHub Actions to streamline testing and maintain code quality across different environments. This pipeline automatically triggers on every commit and pull request, running unit tests to validate core functionalities.
- Automated backend unit testing to ensure code reliability.
- Prevents regressions by verifying that new changes do not break existing functionality.
- Locally hosted backend and database, ensuring a stable and consistent development workflow.
This setup enhances the development process by providing continuous validation and maintaining a high level of code integrity.
- Runs locally using Spring Boot, started via `mvn spring-boot:run`.
- Connects to a MySQL database set up in `application.properties` for development and testing.
- Unit tests are executed to verify functionality before new features are integrated.
- Developed using HTML, CSS, and JavaScript to provide an intuitive user interface.
- Operates locally, communicating with the backend through REST API requests.
- Runs in a staging setup, utilizing a partially populated MySQL database to simulate real data scenarios.
- Allows for thorough testing before deployment to production.
- Tested locally but configured to interact with the staging backend to ensure compatibility and performance under near-production conditions.
- Fully deployed with a live MySQL database, containing actual user data.
- Tuned for high performance, security, and reliability to handle real-world usage.
- Rigorously tested and confirmed to work smoothly with the production backend, ensuring a seamless user experience.