LNMIIT CampusFlow

1. Project Overview

LNMIIT CampusFlow is a comprehensive campus management system designed to streamline administrative processes, enhance transparency, and ensure secure document handling through digital signatures. The platform serves Students, Faculty, Student Council, and Administration, providing a unified interface for No-Dues clearances, Event Permissions, MoU approvals, Invoice processing, and Student Council Elections.

2. Architecture

High-Level Architecture

graph TD
    User[User (Student/Faculty/Admin)] -->|HTTPS| Frontend[React Frontend + Privy SDK]
    Frontend -->|Auth Token| Backend[Node.js/Express Backend API]
    Frontend -->|Google OAuth| Privy[Privy Auth Service]
    
    subgraph "AWS Cloud Infrastructure"
        Backend -->|Read/Write| DB[(MongoDB Atlas)]
        Backend -->|Store Files| S3[AWS S3 Bucket]
    end
    
    subgraph "Security Layer"
        Privy -->|Embedded Wallet| Sign[ECDSA Digital Signature]
        Sign -->|Verify| Backend
    end

Loading

Key Components

• Frontend: React.js application with Material UI and Tailwind CSS.
• Authentication: Privy (Web3 Auth) for secure Google OAuth and Embedded Wallets.
• Backend: Node.js with Express.js, hosted on AWS EC2/Lambda.
• Database: MongoDB Atlas for structured data and relationship management.
• Storage: AWS S3 for secure document storage (PDFs, Images).

3. Tech Stack

Frontend

• Framework: React.js
• Styling: Material UI (MUI), CSS3, Framer Motion
• Authentication & Wallets: @privy-io/react-auth
• HTTP Client: Axios
• State Management: React Context API

Backend

• Runtime: Node.js
• Framework: Express.js
• Database: MongoDB (Mongoose ODM)
• Security: Helmet, CORS, JWT (JSON Web Tokens)
• File Handling: Multer
• Cryptography: Crypto-js, Elliptic (for ECDSA)

Infrastructure

• Hosting: AWS (EC2 for Backend, S3 for Storage)
• CDN: CloudFront

4. Authentication & Security

Why Privy?

We utilize Privy for authentication to bridge the gap between traditional Web2 login experiences and Web3 security features.

• Seamless Onboarding: Users login using their institutional Google Accounts.
• Embedded Wallets: Upon login, Privy automatically provisions a secure, non-custodial Ethereum wallet for every user.
• Digital Signatures: These wallets are used to cryptographically sign documents (MoUs, No-Dues, etc.), ensuring non-repudiation and tamper-proof audit trails.

Authentication Flow

1. Login: User clicks "Login with Google".
2. Verification: Privy authenticates the user and returns an identity token.
3. Authorization: The backend verifies the Privy token and checks the user's role in the MongoDB database.
4. Session: A JWT is issued for session management, linking the Privy identity with internal permissions.

5. Digital Signatures & Integrity

ECDSA Signature Algorithm

All critical documents (MoUs, Invoices, No-Dues) are signed using the Elliptic Curve Digital Signature Algorithm (ECDSA).

• When a user "signs" a document, the system calculates the SHA-256 hash of the document.
• The user's embedded Privy wallet signs this hash using their private key.
• The signature, public key (wallet address), and document hash are stored.
• Verification: Anyone can mathematically verify that the signature was generated by the specific user's wallet and that the document has not been altered since signing.

Chained Signature Method

To maintain a strict hierarchy and flow:

1. Sequential Flow: Documents move through a predefined list of approvers (e.g., Faculty -> HOD -> Dean -> Admin).
2. Hash Chaining: Each new signature signs not just the document, but also the previous signature. This creates a blockchain-like chain of custody.
   • Signature_N = Sign(Hash(Document) + Signature_N-1)
3. Tamper Proof: If any previous signature or the document is altered, the entire chain becomes invalid.

6. Roles & Functionalities

🎓 Student

• Dashboard: View academic status, notifications.
• No-Dues: Initiate No-Dues requests, track approval status across departments.
• Voting: Cast secure, anonymous votes for Student Council elections.
• Profile: Manage personal details.

👨‍🏫 Faculty

• Dashboard: Pending approvals overview.
• Approvals: Review and digitally sign No-Dues requests, Event Permissions, and MoUs.
• No-Dues: Initiate their own No-Dues process (if leaving).

🏛️ Student Council (Gymkhana)

• Event Management: Submit proposals for campus events, budget approvals.
• MoU Submission: Propose Memorandums of Understanding with external bodies.
• Invoices: Submit invoices for event expenses for reimbursement/clearance.
• Status Tracking: Real-time tracking of all submitted proposals.

🛡️ Admin

• User Management: Create, update, and manage user roles and permissions.
• System Config: Configure approval flows, voting sessions, and system parameters.
• Final Approvals: Final signatory for high-level documents (MoUs, large budgets).
• Voting Oversight: Manage candidates, authorize voters, and view election results.

7. Detailed Functionalities

A. No-Dues Clearance System

• Initiation: Students fill a form; system generates a PDF.
• Flow: Request is routed to Library, Hostel, Department, Accounts, etc.
• Approval: Each department head digitally signs the request.
• Completion: Once all signatures are collected, a final "No-Dues Certificate" is generated.

B. MoU (Memorandum of Understanding) System

• Submission: Council uploads a draft MoU PDF and defines the recipient flow (e.g., Faculty Mentor -> Dean Student Affairs -> Director).
• Review: Each approver views the document. They can Approve (Sign) or Reject (with comments).
• Integrity: The document hash is verified at every step.

C. Event Permission & Invoice Management

• Event Request: Council submits event details, budget, and venue requirements.
• Invoice Processing: Post-event, invoices are uploaded. The system tracks the approval chain for financial clearance.

D. Voting System (Secure & Transparent)

• Candidature: Students apply for positions; Admin approves candidates.
• Voting:
  • Eligible students (verified via DB) cast votes.
  • Votes are recorded anonymously but linked to a unique voter hash to prevent double voting.
  • Integrity: The voting ledger is immutable.
• Results: Real-time or scheduled result declaration.

E. QR Code Verification & Document Preview

• Automatic Stamping: Upon final approval of any document (MoU, No-Dues), the system automatically embeds a QR Code onto the PDF.
• Verification:
  • The app features a QR Scanner in the header.
  • Scanning the code redirects to a verification page showing:
    • Original Document.
    • List of all signers (Name, Role, Timestamp).
    • Verification status (Valid/Invalid).

8. Deployment & Hosting

🚀 Vercel Deployment (Recommended)

This project is Vercel-ready for one-click deployment!

Quick Deploy

# Method 1: Using deployment script
./deploy-vercel.sh

# Method 2: Using Vercel CLI
npm i -g vercel
vercel --prod

Deployment Architecture

• Frontend: React app served as static files from Vercel CDN
• Backend: Node.js API running as Vercel Serverless Functions
• Database: MongoDB Atlas (Cloud-hosted, globally distributed)
• Storage: Cloudinary for file uploads (PDFs, images)
• Auth: Privy authentication service

Environment Setup

1. MongoDB Atlas: Already configured and ready
2. Cloudinary: File upload service configured
3. Privy: Authentication service configured

For detailed deployment instructions, see:

• 📘 Complete Deployment Guide
• 🔐 Environment Variables Reference

Alternative Hosting Options

• Backend: AWS Elastic Beanstalk, AWS Lambda, Railway, Render
• Frontend: Netlify, AWS Amplify, GitHub Pages
• Database: MongoDB Atlas (current), AWS DocumentDB
• Storage: AWS S3, Cloudinary (current), Firebase Storage

CI/CD Pipeline

• Automatic deployment on push to main branch
• Preview deployments for pull requests
• Build logs and monitoring in Vercel dashboard