Loading repository data…
Loading repository data…
Abubakkar-Siddhiq / repository
Distributed payment system built with microservices and event-driven architecture, leveraging Kafka for asynchronous processing and a rule-based fraud detection engine.
[![Forks][forks-shield]][forks-url] [![Stargazers][stars-shield]][stars-url] [![Issues][issues-shield]][issues-url] [![LinkedIn][linkedin-shield]][linkedin-url]
A distributed payment processing system built with Spring Boot microservices — modeled after the infrastructure layer that powers platforms like Razorpay or PayPal. Handles peer-to-peer money movement with fraud detection, event-driven architecture, and production-grade reliability patterns.
Built to answer one question: what actually happens when you tap "Pay"?
Key capabilities:
Client
│
┌──────▼─────┐
│ API Gateway│ JWT Auth · Rate Limiting
│ Port 8080 │ Role-based Routing
└─────┬──────┘
│
┌───────────────┼───────────────┐
│ │ │
┌─────▼──────┐ ┌─────▼──────┐ ┌────▼───────┐
│ Auth │ │ Payment │ │ Fraud │
│ Service │ │ Service │ │ Service │
│ Port 8081 │ │ Port 8082 │ │ Port 8083 │
└─────┬──────┘ └─────┬──────┘ └────┬───────┘
│ │ │
Auth DB Payment DB Fraud DB
(Postgres) (Postgres) (Postgres)
│
Redis Cache
(Idempotency +
Rate Limiting)
────── Kafka Event Bus ──────
Auth Service → user-registered-topic → Payment Service
Payment Service → payment-topic → Fraud Service
Payment Service → payment-topic → Notification Service
Fraud Service → fraud-alert-topic → Payment Service
Fraud Service → fraud-review-topic → Payment Service
┌──────────────┐
│ Notification │
│ Service │
│ Port 8084 │
└──────────────┘
┌─────────────────────────┐
│ Grafana LGTM Stack │
│ Traces · Logs · Metrics│
└─────────────────────────┘
╔════════════════════════════════════╗
║ Docker Internal Network ║
║ Only port 8080 exposed externally ║
╚════════════════════════════════════╝
/fraud/** restricted to ADMINX-User-Id headers — injects verified identity downstreamuser-registered event on registrationuser-registered → auto-creates account on registrationfraud-alert → reverses transaction and freezes account (Saga)fraud-review → unfreezes account on admin approvalOutbox Pattern — Direct Kafka publishing risks message loss if service crashes mid-transaction. Events are written to an outbox table in the same DB transaction. A scheduler reads and publishes. Atomicity guaranteed.
Idempotency with Redis — Every payment request carries a client-generated Idempotency-Key header. Redis stores the key with TTL. Duplicate requests return the original response without reprocessing — prevents double charges on network retries.
Pessimistic Locking — Concurrent payments to the same account can cause double spending. @Lock(PESSIMISTIC_WRITE) on account fetches ensures one transaction processes at a time per account.
Saga Pattern — Fraud detection is async. Payment processes first, fraud analysis follows. When fraud is confirmed, a compensation event reverses the transaction and freezes the account. No records deleted — full audit trail preserved.
Kafka over RabbitMQ — Multiple services consume every payment event independently. Kafka's message retention means no events are lost if a service goes down — consumer catches up on restart.
Database per Service — Each service owns its data. No cross-service JPA relationships. Services communicate via events. Payment DB, Fraud DB, and Auth DB are completely independent.
Account Number Abstraction — Users share account numbers (e.g. ABC123DEF456). Internal UUIDs never surface in the API. Account number to UUID resolution happens server-side.
JWT at Gateway Only — Auth Service issues JWT. Gateway validates it using a shared secret — no Auth Service call needed per request. Downstream services trust the X-User-Id header injected by Gateway.
| Pattern | Implementation |
|---|---|
| API Gateway | Spring Cloud Gateway — single entry point |
| Database per Service | Auth DB, Payment DB, Fraud DB |
| Event-Driven Architecture | Kafka backbone across all services |
| Outbox Pattern | Payment Service + Fraud Service |
| Idempotent Consumer | Redis idempotency keys |
| Saga Pattern | Fraud reversal compensation flow |
| Pessimistic Locking | Account fetches during payment processing |
X-User-Id removed, Gateway injects verified identity[![Java][Java-shield]][Java-url] [![Spring][Spring-shield]][Spring-url] [![Kafka][Kafka-shield]][Kafka-url] [![Redis][Redis-shield]][Redis-url] [![Postgres][Postgres-shield]][Postgres-url] [![Docker][Docker-shield]][Docker-url] [![Grafana][Grafana-shield]][Grafana-url]
Clone the repository
git clone https://github.com/abubakkar-siddhiq/payment-system.git
cd payment-system
Start infrastructure
docker-compose up -d
Starts: PostgreSQL (x3), Redis, Kafka (KRaft), Grafana LGTM
Build each service
cd payment-service && mvn clean package -DskipTests && cd ..
cd authservice && mvn clean package -DskipTests && cd ..
cd frauddetectionsystem && mvn clean package -DskipTests && cd ..
cd notificationservice && mvn clean package -DskipTests && cd ..
cd gateway && mvn clean package -DskipTests && cd ..
Start services in order
1. Auth Service → port 8081
2. Payment Service → port 8082
3. Fraud Service → port 8083
4. Notification Service → port 8084
5. API Gateway → port 8080
Create admin user
UPDATE users SET role = 'ADMIN' WHERE email = 'admin@yourdomain.com';
POST /api/v1/auth/register → Register, returns JWT + userId
POST /api/v1/auth/login → Login, returns JWT + userId
GET /api/v1/accounts/me → My account info
GET /api/v1/accounts/{accountNumber}/balance → My balance
POST /api/v1/ac