Pool (apps/pool)

apps/pool is the candidate-facing Next.js (App Router) app. Its users have the member role and operate exclusively on their own data.

  • Signup & sign-in — handled entirely by WorkOS AuthKit. There is no local password flow.
  • Onboarding — first-run wizard that creates the candidate’s profile (name, headline, bio, skills, work preferences, resume upload).
  • Profile management — edit headline, bio, skills, links, work preferences; toggle discoverability.
  • Resume upload & extraction — uploading a PDF kicks off an asynchronous extraction that backfills structured profile fields.
  • Job discovery — browse public job postings (no auth needed for the listing surface; member auth required to apply).
  • Applications — submit an application, view its status, withdraw it.
  • Public resume links — generate a tokenized URL a candidate can share externally. The recipient does not need a Teros account; the URL itself is the credential.

Route                 Purpose
/                     Landing
/login                WorkOS AuthKit handoff
/onboarding           First-run profile setup
/profile              Edit own profile
/profile/resume       Resume upload + status
/jobs                 Browse public job postings
/jobs/[id]            Job posting detail + apply
/applications         List of own applications
/applications/[id]    Application detail

The exact route table lives in apps/pool/src/app/**; treat the sketch above as orientation, not contract.

  • The app uses @workos-inc/authkit-nextjs for session persistence.
  • Route protection is centralized in packages/auth-config and applied at the Next.js middleware layer. Authenticated routes redirect anonymous users into the WorkOS sign-in flow.
  • The middleware also redirects authenticated users who don’t yet have a completed profile into the onboarding wizard.
  • Server Components and Server Actions use the WorkOS-issued JWT to call apps/api over HTTP.
  • The browser never holds an API key — every call is forwarded server-side from Pool’s Next.js runtime.
  • The shared @repo/database package provides the typed shape of API responses. Pool components consume those types directly; there is no manual interface duplication.
  • Pool does not enforce role checks. The API decides who can do what — Pool only renders the UI for one role (member).
  • It does not write to the database directly. All persistence goes through the API.
  • It does not embed Ops-only flows. Cross-company management lives in apps/ops.
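
The middleware behaviour described above (anonymous users sent to sign-in, signed-in users without a completed profile sent to onboarding) comes down to one decision per request. The sketch below is an added example, not the code in packages/auth-config; the names Session, Decision and decideRoute are hypothetical, and it assumes that job detail pages are public and that public pages stay reachable during onboarding.

```typescript
// Added example. Session, Decision and decideRoute are hypothetical names,
// not the API of packages/auth-config or @workos-inc/authkit-nextjs.
type Session = { userId: string; profileComplete: boolean } | null;
type Decision = "allow" | "sign-in" | "onboarding";

// Assumption: only the landing page, the login handoff and the job
// listing/detail pages are reachable without a session.
const PUBLIC_EXACT = ["/"];
const PUBLIC_PREFIXES = ["/login", "/jobs"];

// Compare whole path segments, so "/jobs-internal" is not treated as "/jobs".
function underPrefix(path: string, prefix: string): boolean {
  return path === prefix || path.startsWith(prefix + "/");
}

// Drop a trailing slash so "/profile/" and "/profile" get the same decision.
function normalize(path: string): string {
  return path.length > 1 && path.endsWith("/") ? path.slice(0, -1) : path;
}

function decideRoute(rawPath: string, session: Session): Decision {
  const path = normalize(rawPath);
  const isPublic =
    PUBLIC_EXACT.includes(path) ||
    PUBLIC_PREFIXES.some((p) => underPrefix(path, p));

  // Default deny: any path not listed as public needs a session.
  if (session === null) return isPublic ? "allow" : "sign-in";

  // Assumption: public pages stay reachable mid-onboarding, and the wizard
  // itself is exempt so the redirect cannot loop.
  if (!session.profileComplete && !isPublic && !underPrefix(path, "/onboarding")) {
    return "onboarding";
  }
  return "allow";
}
```

This decides navigation only. Who may read or change a record is still decided by apps/api, so a routing mistake here exposes a page shell, not another member's data.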