diff --git a/README.md b/README.md new file mode 100644 index 0000000..02698c9 --- /dev/null +++ b/README.md 
@@ -0,0 +1,104 @@ +# Resume Analyzer API + +This project is a Flask-based web service that allows users to upload their resumes in PDF format and compare them against a given job description. The application uses Google's Gemini AI to analyze compatibility and provide a score out of 100. + +## Features +- Upload a resume in PDF format +- Analyze compatibility against a provided job description +- Convert PDF to images for AI processing +- Secure API with CSRF protection and reCAPTCHA validation +- Rate-limiting to prevent abuse +- Uses Flask-Limiter, Flask-WTF, and Flask-CORS for security enhancements +- Deletes uploaded files after processing + +## Requirements +Before running the application, ensure you have the following dependencies installed: + +- Python 3.8+ +- Flask +- Flask-WTF +- Flask-CORS +- Flask-Limiter +- PyMuPDF (fitz) +- pdf2image +- Pillow +- Google Generative AI SDK +- python-dotenv +- requests +- markdown + +Install dependencies using: +```sh +pip install -r requirements.txt +``` + +## Environment Variables +Create a `.env` file in the root directory and configure the following: + +```ini +GOOGLE_API_KEY= +UPLOAD_FOLDER=uploads/ +MAX_FILE_SIZE=4194304 # 4MB limit +SECRET_KEY= +RATE_LIMIT=1 per 10 seconds +RECAPTCHA_SECRET_KEY= +RECAPTCHA_SITE_KEY= +CORS_ORIGIN= +FLASK_RUN_HOST=0.0.0.0 +FLASK_RUN_PORT=49465 +``` + +## Usage +### Running the Application +Start the Flask server: +```sh +flask run --host=0.0.0.0 --port=49465 +``` +or +```sh +python app.py +``` + +### API Endpoints +#### `GET /` +Returns the upload page with reCAPTCHA integration. + +#### `POST /` +Accepts form data with a job description and a PDF resume. + +- **Parameters:** + - `g-recaptcha-response`: Required for reCAPTCHA verification. + - `text_input`: The job description. + - `file`: A valid PDF file (max 4MB). + +- **Response:** + ```json + { + "summary": "Resume compatibility summary", + "score": 85 + } + ``` + + - Returns a compatibility summary and a score (0-100). 
+ - If reCAPTCHA fails, returns `{ "error": "reCAPTCHA verification failed." }`. + - If the PDF is invalid, returns `{ "error": "Invalid or potentially harmful PDF." }`. + +## Security Features +- **CSRF Protection**: Uses `Flask-WTF` for CSRF token validation. +- **Rate Limiting**: Limits users to 1 request per 10 seconds. +- **reCAPTCHA**: Ensures human users. +- **PDF Sanitization**: Checks for JavaScript, embedded files, and potential security threats. +- **Secure Headers**: Implements X-Frame-Options, Content-Security-Policy, and other security headers. + +## Deployment +To deploy this application in development mode, use: +```sh +flask run --host=0.0.0.0 --port=49465 +``` +or +```sh +python app.py +``` + +You can also deploy it using Docker, Nginx, or cloud services like AWS, Google Cloud, or Heroku. +
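Review bot: The "Running the Application" and "Deployment" sections, and `FLASK_RUN_HOST=0.0.0.0` in the `.env` sample, all bind the Flask development server to every interface. That exposes the dev server to the whole network on port 49465. Suggest documenting `flask run --host=127.0.0.1 --port=49465` for local use and keeping `0.0.0.0` for the containerised or proxied case. The Deployment section currently repeats the two development commands and only names Docker and Nginx in its last line; it would be more useful if it described running the app under a production WSGI server behind that reverse proxy. Two smaller documentation points: the "Environment Variables" section should say that `.env` holds `GOOGLE_API_KEY`, `SECRET_KEY` and `RECAPTCHA_SECRET_KEY` and must stay out of version control, and "Security Features" states a fixed "1 request per 10 seconds" while `RATE_LIMIT` is configurable, so it should refer to the `RATE_LIMIT` setting and give that value as the default. The Requirements list also names pdf2image without mentioning that it needs the Poppler utilities installed on the host, which `pip install -r requirements.txt` will not provide.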