A containerized administrative portal built to manage community logistics, enforce role-based system safety rules, and maintain GDPR-compliant data-retention audits.
Live application: save-our-supper.web.app
- The Problem: Managing decentralized supply chains and volunteer logistics using legacy files leads to insecure database practices, data leaks, and inventory fragmentation.
- The Solution: A secure, real-time logistics engine with strict database access controls and automated resource coordination pipelines.
- Secure Access Rules: Hardened firestore rules and access boundaries to safeguard volunteer credentials and sensitive operational data.
- Relational Resource Optimization: Real-time inventory status synchronization preventing data race conditions and duplicate resource allocations.
- GDPR Data Sanitization: Automatic background data purging structures that clean inactive customer records to ensure strict privacy compliance.
- System-Wide Alert Webhooks: Integrations designed to dispatch automated operational warnings to personnel for critical logistics updates.
The interface uses a Neo-Obsidian Cyberpunk system designed for high-density operational work:
- Obsidian foundation: near-black
#020617surfaces with a restrained dot-grid field. - Cyan signal colour: bright cyan actions and active rails, supported by electric blue, teal, amber, and neon green status states.
- Typography: Geist for readable interface copy and Space Mono for labels, tokens, timestamps, and operational metadata.
- Flat geometry: square panels, thin borders, compact rails, and controlled glow instead of generic glass cards.
- Responsive operations: desktop workspaces collapse into mobile-first navigation and segmented workflow views.
The public gateway exposes anonymous parcel tracking and community support without requiring an account.
The tracker presents the referral lifecycle as Waiting → Preparing → Ready to Collect, using hashed phone or email lookup keys rather than exposing referral documents publicly.
Approved agency users submit referrals through a focused three-stage wizard: Household → Immediate Needs → Logistics.
Foodbank teams receive a kitchen-display-style ticket feed with fulfilment actions, urgency signals, collection states, and shift handover notes.
The application is a React and TypeScript single-page app deployed to Firebase Hosting, with Firebase Authentication and Cloud Firestore providing identity, realtime state, and policy enforcement.
| Interface | Access | Responsibility |
|---|---|---|
| Public Gateway | Anonymous | Hashed parcel-status lookup and local support directory |
| Partner Portal | partner |
Agency-scoped referral creation and client progress |
| Volunteer Ops | active_volunteer |
Intake acceptance, preparation, handover, and collection |
| Admin Console | admin |
User approvals, agency access, operational configuration, and retention controls |
Role checks in the frontend shape the interface, while Firestore rules remain the security boundary. Partner queries are restricted by agency ownership, staff operations require approved roles, and anonymous users can only access purpose-built public status records.
users— authenticated profiles, roles, and agency assignmentslive_orders— active and archived referral workflow recordspublic_status— minimal hashed lookup documents for anonymous trackinghandover_notes— shift communication for approved foodbank staffagenciesandconfig— controlled operational configuration
Save Our Supper applies data minimisation across the full parcel lifecycle.
- Referral: contact information is stored only for operational fulfilment and anonymous lookup generation.
- Collection: marking a parcel collected removes the matching public status records and immediately anonymises the recipient name, phone number, email address, and dietary notes.
- Reporting: non-identifying operational fields remain available for service statistics.
- Thirty-day retention: archived referrals older than 30 days are deleted by the retention workflow, with an isolated manual purge control available to administrators.
- Role isolation: personal referral data is protected by Firestore rules and agency or staff role checks.
- Node.js 20 or newer
- A Firebase project with Authentication and Firestore enabled
- Firebase CLI for emulator and deployment workflows
git clone https://github.com/stokie2605/save-our-supper.git
cd save-our-supper
npm installCopy the environment template and provide your Firebase web configuration:
copy .env.example .env.localStart the development server:
npm run devnpm run build
npm run lint
npm run test
npm run test:rulesThe Firestore rules suite requires the local Firebase Firestore emulator.
npm run build
firebase deploy --only hostingReact 19 · TypeScript · Vite · Tailwind CSS v4 · Firebase Authentication · Cloud Firestore · Firebase Hosting · Vitest
- Operational Restructuring: Standardized repository file hierarchies by separating core automation logic, helper scripts, and test files.
- Security Hardening: Swapped legacy credential configs for environment variables and secure token validation policies.
- Database Schema Upgrades: Refactored primitive database types into native data structures for robust ORM and transaction handling.
- Systems Maintenance: Eradicated legacy diagnostic scripts, optimized loops, and established static analysis scanning to ensure code hygiene.


