This is a production accountability dashboard designed for tracking daily spiritual practices of students in a residential hostel setting. It features role-based access control, comprehensive data visualization, and automated reporting.
Note: This is a sanitized version of a live production application. The demo pages showcase the UI with sample data.
Traditional paper-based accountability systems are inefficient and lack insights. This application digitizes the entire workflow—from daily entry submission to weekly performance reports—while providing real-time visibility to guardians and administrators.
The application is designed for reliability, simplicity, and mobile-first usage, reflecting the daily routines of hostel students.
- Mobile-first — Optimized for smartphone usage with responsive design
- Role-based access — Clear separation between students, monitors, poshak leaders, and admins
- Real-time insights — Color-coded dashboards highlight performance at a glance
- Data integrity — Soft delete, audit logging, and comprehensive validation
- Security-first — Rate limiting, input sanitization, JWT authentication
- Daily accountability form with 12+ tracked metrics
- Role-based dashboard with sorting, filtering, and column customization
- Missing entry detection and alerts
- Student profile management with extended family details
- Poshak leader and monitor assignment system
- Weekly automated email reports
- Export to Excel functionality
- Password reset via email
| Role | Permissions |
|---|---|
| Admin | Full access: user approval, role assignment, all data management |
| Poshak Leader | View dashboards, student profiles, assign monitors to students |
| Monitor Student | Fill entries for assigned students, view all dashboards |
| Student | Submit own daily entries, view dashboard, personal reports |
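
The table above implies an object-level check on entry writes (POST /api/accountability/create): a monitor may write only for students assigned to them. The sketch below is an added example, not the project's code; the role strings, the `actor` shape, the assignment column names and the `canWriteEntry` function are assumptions.

```javascript
// Role names follow the permissions table; the string values are assumed.
const ROLE = Object.freeze({
  ADMIN: 'admin', POSHAK: 'poshak_leader', MONITOR: 'monitor', STUDENT: 'student',
});

// Accept an id from untrusted input only if it is a positive integer.
function toId(value) {
  const n = typeof value === 'string' && /^\d+$/.test(value) ? Number(value) : value;
  return Number.isSafeInteger(n) && n > 0 ? n : null;
}

const allow = (reason) => ({ allowed: true, reason });
const deny = (reason) => ({ allowed: false, reason });

// actor: user row re-read from the database after JWT verification, so a
//   soft-deleted or unapproved account is refused even with a valid token.
// assignments: monitor_assignments rows as { monitorId, studentId } (assumed columns).
function canWriteEntry(actor, targetStudentId, assignments) {
  const target = toId(targetStudentId);
  if (target === null) return deny('invalid_target');
  if (!actor || actor.approved !== true || actor.active !== true) {
    return deny('account_not_active');
  }
  switch (actor.role) {
    case ROLE.ADMIN:
      return allow('admin');
    case ROLE.STUDENT:
      return actor.id === target ? allow('own_entry') : deny('not_own_entry');
    case ROLE.MONITOR: {
      // Assumption: a monitor is also a student and submits their own entry.
      if (actor.id === target) return allow('own_entry');
      const assigned = assignments.some(
        (a) => a.monitorId === actor.id && a.studentId === target);
      return assigned ? allow('assigned_student') : deny('not_assigned');
    }
    default:
      // Poshak leaders view and assign but do not fill entries; unknown roles fail closed.
      return deny('role_cannot_write');
  }
}

// Constructed sample data.
const sampleAssignments = [{ monitorId: 2, studentId: 7 }];
const monitor = { id: 2, role: ROLE.MONITOR, approved: true, active: true };
console.log(canWriteEntry(monitor, '7', sampleAssignments));
console.log(canWriteEntry(monitor, 8, sampleAssignments));
```
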
| Layer | Technology |
|---|---|
| Frontend | React.js, Tailwind CSS, Axios |
| Backend | Node.js, Express.js |
| Database | MySQL |
| Authentication | JWT + bcrypt |
| Security | Helmet, express-validator, rate-limiting |
| Logging | Winston |
| Scheduling | node-cron |
| Email | Brevo API |
All endpoints are prefixed with /api.
POST /api/auth/register - User registration (requires admin approval)
POST /api/auth/login - JWT token generation
POST /api/auth/forgot-password - Password reset email
POST /api/auth/reset-password - Password reset with token
GET /api/users/me - Current user details
GET /api/users/pending - Pending registrations (admin)
POST /api/users/approve/:id - Approve user (admin)
GET /api/users/students - List all students
PUT /api/users/:id - Update user
DELETE /api/users/:id - Delete user (admin)
PUT /api/users/:id/toggle-active - Soft delete toggle
POST /api/accountability/create - Create/update daily entry
GET /api/accountability/list - List entries with filters
GET /api/accountability/report - Date range report with pagination
GET /api/accountability/user-settings - Column preferences
PUT /api/accountability/user-settings - Save preferences
GET /api/assignments/poshak - Poshak assignments
POST /api/assignments/poshak - Create poshak assignment
GET /api/assignments/monitor - Monitor assignments
POST /api/assignments/monitor - Create monitor assignment
GET /api/health - Health check
See docs/SCHEMA.md for complete schema documentation.
- users — All user roles with authentication data
- student_profiles — Extended student information
- accountability_entries — Daily practice records
- poshak_assignments — Student-to-poshak mapping
- monitor_assignments — Student-to-monitor mapping
- password_reset_tokens — Password reset management
Key design decisions are documented as ADRs in docs/adr/:
| ADR | Decision |
|---|---|
| 001 | Role-Based Access Control |
| 002 | JWT Authentication |
| 003 | Mobile-First Design |
| 004 | Soft Delete Pattern |
| 005 | Security Measures |
| 006 | Weekly Email Reports |
- Password hashing: bcrypt with 12 rounds
- Rate limiting: 100 req/15min general, 5 req/15min auth
- Input validation: express-validator on all endpoints
- XSS protection: Output escaping, Helmet.js headers
- SQL injection: Parameterized queries only
- CORS: Environment-specific origins
- Payload limits: 10KB max request body
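
The two rate-limit tiers listed above, written as a dependency-free fixed-window counter. This is an added example, not the project's middleware; `createLimiter`, `tierFor` and the choice of a fixed window are assumptions.

```javascript
// Limits from the list above: 100 requests general, 5 requests auth, per 15 minutes.
const WINDOW_MS = 15 * 60 * 1000;
const LIMITS = Object.freeze({ general: 100, auth: 5 });

// Fixed-window counter. `now` is injectable so the behaviour can be tested.
// Expired keys are only replaced on their next hit; a long-running service
// would also evict them periodically to bound memory.
function createLimiter(max, windowMs = WINDOW_MS) {
  const hits = new Map(); // key -> { count, resetAt }
  return function check(key, now = Date.now()) {
    let entry = hits.get(key);
    if (!entry || now >= entry.resetAt) {
      entry = { count: 0, resetAt: now + windowMs };
      hits.set(key, entry);
    }
    entry.count += 1;
    const allowed = entry.count <= max;
    return {
      allowed,
      remaining: Math.max(0, max - entry.count),
      // Value for a Retry-After header when the request is refused.
      retryAfterSec: allowed ? 0 : Math.ceil((entry.resetAt - now) / 1000),
    };
  };
}

// /api/auth/* gets the strict tier; match on the path segment, not a bare
// prefix, so a path such as /api/authx stays in the general tier.
function tierFor(path) {
  return path === '/api/auth' || path.startsWith('/api/auth/') ? 'auth' : 'general';
}

const limiters = {
  general: createLimiter(LIMITS.general),
  auth: createLimiter(LIMITS.auth),
};

// Decide for one request; `clientKey` is whatever identifies the caller.
function checkRequest(path, clientKey, now = Date.now()) {
  const tier = tierFor(path);
  return { tier, ...limiters[tier](clientKey, now) };
}
```

If the key is the client IP, everyone behind one hostel NAT address shares the five auth attempts, so keying the auth tier on IP plus the submitted account identifier avoids one user locking out the rest.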
- Node.js 18+
- MySQL 8.0+
- npm or yarn
```bash
cd backend
npm install
cp .env.example .env # Configure your environment
npm run dev
```

```bash
cd frontend
npm install
npm start
```

```bash
mysql -u root -p < backend/database/schema.sql
```

See backend/.env.example for all configuration options.
Key variables:
| Variable | Description |
|---|---|
| JWT_SECRET | Secret for JWT signing |
| DB_HOST, DB_NAME, etc. | MySQL connection |
| SMTP_HOST, SMTP_USER, etc. | Email configuration |
| BCRYPT_ROUNDS | Password hashing rounds (default: 12) |
Static demo pages are available in the demo/ folder:
- Demo Home — Landing page with role selection
- Student View — Student dashboard and form
- Admin View — Admin panel with user management
- Poshak View — Poshak leader dashboard
gyan-ghar/
├── backend/
│ ├── config/ # Database, email, logging
│ ├── cron/ # Scheduled jobs
│ ├── database/ # Schema and migrations
│ ├── middleware/ # Auth, rate limiting, error handling
│ ├── routes/ # API endpoints
│ └── server.js # Express app
├── frontend/
│ ├── src/
│ │ ├── components/ # Reusable UI components
│ │ ├── contexts/ # React contexts
│ │ ├── pages/ # Page components
│ │ └── utils/ # API client, utilities
│ └── public/ # Static assets
├── demo/ # Static demo pages
└── docs/ # Documentation and ADRs
- PII encryption at rest
- PWA support for offline entry submission
- Dashboard analytics with charts
- Bulk entry import/export
- Student education progress tracking
- Fees management
Built by Pranay Patel as a full-stack web application for real-world community use.
This project is provided for portfolio and educational purposes. Contact the author for licensing inquiries.