Pandit Javdekar Smart Society Management Application • Version 1.0 • June 2026 • ByteWise Consulting LLP
| Field | Value |
|-------|-------|
| Project | Pandit Javdekar Smart Society Management Application |
| Version | 2.0 |
| Date | June 2026 |
| Author | ByteWise Consulting LLP |
| Tech Stack Update | Migrated from React.js/React Native to Next.js 14+ (Admin + PWA) |
---
┌─────────────────────────────────────────────────────────────────────────────┐
│ CLIENT LAYER │
├─────────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌──────────────────────┐ ┌──────────────────────┐ ┌──────────────────┐ │
│ │ Next.js Admin Portal │ │ Next.js PWA │ │ React Native │ │
│ │ (Web Dashboard) │ │ (Mobile Web App) │ │ (Phase 2 - │ │
│ │ - App Router │ │ - Same codebase as │ │ Later) │ │
│ │ - Server Components │ │ admin portal │ │ - Native │ │
│ │ - Responsive Design │ │ - PWA manifest │ │ Android + iOS │ │
│ │ - TypeScript │ │ - Service worker │ │ - React Native │ │
│ └──────────┬───────────┘ └──────────┬───────────┘ └────────┬─────────┘ │
│ │ │ │ │
└─────────────┼──────────────────────────┼────────────────────────┼────────────┘
│ │ │
└──────────────────────────┼────────────────────────┘
│
┌────────────────────────────────────────┼───────────────────────────────────────┐
│ API GATEWAY (NGINX + Rate Limiting) │
└────────────────────────────────────────┼───────────────────────────────────────┘
│
┌────────────────────────────────────────┼───────────────────────────────────────┐
│ BACKEND LAYER │
├────────────────────────────────────────┼───────────────────────────────────────┤
│ │ │
│ ┌─────────────────────────────────────┴─────────────────────────────────────┐ │
│ │ Node.js (nextJS) Application Server │ │
│ │ │ │
│ │ ┌────────────┐ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ │
│ │ │ Auth │ │ Gate │ │ Maintenance│ │ Notice │ │ │
│ │ │ Module │ │ Module │ │ Module │ │ Module │ │ │
│ │ └────────────┘ └────────────┘ └────────────┘ └────────────┘ │ │
│ │ │ │
│ │ ┌────────────┐ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ │
│ │ │ Biometric │ │ Visitor │ │ Poll │ │ Document │ │ │
│ │ │ Module │ │ Module │ │ Module │ │ Module │ │ │
│ │ └────────────┘ └────────────┘ └────────────┘ └────────────┘ │ │
│ │ │ │
│ │ ┌────────────┐ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ │
│ │ │ Amenity │ │ Showcase │ │ Analytics │ │ SOS │ │ │
│ │ │ Module │ │ Module │ │ Module │ │ Module │ │ │
│ │ └────────────┘ └────────────┘ └────────────┘ └────────────┘ │ │
│ └──────────────────────────────────────────────────────────────────────────┘ │
│ │ │
└──────────────────────────────┼────────────────────────────────────────────────┘
│
┌──────────────────────────────┼────────────────────────────────────────────────┐
│ DATA LAYER │
├──────────────────────────────┼────────────────────────────────────────────────┤
│ │ │
│ ┌──────────────┐ ┌────────┴────────┐ ┌───────────────┐ ┌────────────┐ │
│ │ PostgreSQL │ │ Redis │ │ AWS S3 │ │ MQTT │ │
│ │ (Primary │ │ (Cache + │ │ (File │ │ Broker │ │
│ │ Database) │ │ Sessions) │ │ Storage) │ │ (Mosquitto│ │
│ └──────────────┘ └─────────────────┘ └─────────────────┘ └────────────┘ │
│ │
└──────────────────────────────────────────────────────────────────────────────┘
│
┌──────────────────────────────┼────────────────────────────────────────────────┐
│ EXTERNAL SERVICES │
├──────────────────────────────┼────────────────────────────────────────────────┤
│ │ │
│ ┌──────────────┐ ┌────────┴────────┐ ┌───────────────┐ ┌────────────┐ │
│ │ Firebase │ │ SMS Gateway │ │ ESP32 Gate │ │ Biometric │ │
│ │ (FCM) │ │ (Twilio/MSG91) │ │ Controllers │ │ Device │ │
│ └──────────────┘ └─────────────────┘ └─────────────────┘ └────────────┘ │
│ │
└──────────────────────────────────────────────────────────────────────────────┘
---
| Component | Technology | Version | Purpose |
|-----------|------------|---------|---------|
| Web Admin Portal | Next.js | 14.x | React framework with App Router, SSR, API routes |
| Mobile PWA | Next.js | 14.x | Progressive Web App (same codebase as admin) |
| Native Mobile (Phase 2) | React Native | 0.73+ | Cross-platform native mobile (Android + iOS) |
| Language | TypeScript | 5.x | Type safety across all frontends |
| Styling | Tailwind CSS | 3.x | Utility-first CSS |
| State Management | Zustand | 4.x | Client-side state |
| Server State | SWR | 2.x | Server state management for client components |
| Forms | React Hook Form | 7.x | Form management |
| Charts | Recharts | 2.x | Data visualization |
| Auth (Web) | NextAuth.js | 5.x | Authentication for Next.js |
| PWA | next-pwa | - | Service worker, manifest, offline support |
| Icons | Material Icons | - | Google Material Icons |
| MQTT (PWA) | MQTT.js | 4.x | MQTT over WebSocket for IoT |
| Component | Technology | Version | Purpose |
|-----------|------------|---------|---------|
| Runtime | Node.js | 20.x LTS | JavaScript runtime |
| Framework | nextJS | 10.x | Enterprise-grade Node.js framework |
| Language | TypeScript | 5.x | Type safety |
| Validation | class-validator | 0.14.x | Request validation |
| Authentication | Passport.js | 0.6.x | Authentication strategies |
| JWT | @nextjs/jwt | 10.x | JSON Web Token handling |
| ORM | Prisma | 5.x | Database ORM |
| API Docs | Swagger | 6.x | API documentation |
| Component | Technology | Version | Purpose |
|-----------|------------|---------|---------|
| Primary DB | PostgreSQL | 16.x | Relational database |
| Cache | Redis | 7.x | Caching + session storage |
| File Storage | AWS S3 | - | Photo and document storage |
| CDN | CloudFront | - | Static asset delivery |
| Component | Technology | Purpose |
|-----------|------------|---------|
| Cloud Provider | AWS / GCP | Cloud hosting |
| Container | Docker | Application containerization |
| Orchestration | ECS / Kubernetes | Container orchestration |
| CI/CD | GitHub Actions | Continuous integration/deployment |
| SSL | Let's Encrypt / AWS ACM | SSL certificates |
| Domain | Route 53 / Cloudflare | DNS management |
| Component | Technology | Purpose |
|-----------|------------|---------|
| Microcontroller | ESP32 | WiFi + Bluetooth IoT controller |
| Relay Module | 5V 10A Relay | Gate motor control |
| MQTT Broker | Mosquitto | Message queuing |
| MQTT Protocol | MQTT 5.0 over TLS | Secure messaging |
| Biometric Device | Fingerprint Scanner | Helper attendance |
| Component | Technology | Purpose |
|-----------|------------|---------|
| Android Push | Firebase Cloud Messaging (FCM) | Push notifications |
| iOS Push | Apple Push Notification Service (APNs) | Push notifications |
| SMS | Twilio / MSG91 | OTP and emergency SMS |
| Email | SendGrid / AWS SES | Email notifications |
---
project-root/
├── apps/
│ ├── web/ # Next.js Admin Portal + PWA
│ │ ├── app/ # Next.js App Router
│ │ │ ├── (auth)/ # Auth group (login, OTP, register)
│ │ │ │ ├── login/page.tsx
│ │ │ │ ├── otp/page.tsx
│ │ │ │ └── register/page.tsx
│ │ │ ├── (dashboard)/ # Dashboard group (protected)
│ │ │ │ ├── layout.tsx # Dashboard layout with sidebar
│ │ │ │ ├── page.tsx # Home/Overview
│ │ │ │ ├── gates/page.tsx
│ │ │ │ ├── maintenance/page.tsx
│ │ │ │ ├── notices/page.tsx
│ │ │ │ ├── residents/page.tsx
│ │ │ │ ├── visitors/page.tsx
│ │ │ │ ├── polls/page.tsx
│ │ │ │ ├── documents/page.tsx
│ │ │ │ ├── amenities/page.tsx
│ │ │ │ ├── analytics/page.tsx
│ │ │ │ ├── sos/page.tsx
│ │ │ │ ├── showcase/page.tsx
│ │ │ │ └── settings/page.tsx
│ │ │ ├── api/ # Next.js API Routes (BFF)
│ │ │ │ └── [...proxy]/route.ts # Proxy to nextJS backend
│ │ │ ├── layout.tsx # Root layout
│ │ │ └── page.tsx # Landing/redirect
│ │ ├── components/ # Shared React components
│ │ │ ├── ui/ # Base UI components (Button, Card, Input, etc.)
│ │ │ ├── layout/ # Layout components (Sidebar, Header, TabBar)
│ │ │ ├── gates/ # Gate access components
│ │ │ ├── maintenance/ # Maintenance components
│ │ │ ├── notices/ # Notice board components
│ │ │ └── ...
│ │ ├── hooks/ # Custom React hooks
│ │ │ ├── useAuth.ts
│ │ │ ├── useGate.ts
│ │ │ ├── useMQTT.ts
│ │ │ └── ...
│ │ ├── lib/ # Utilities and helpers
│ │ │ ├── api.ts # API client (axios/fetch)
│ │ │ ├── mqtt.ts # MQTT client setup
│ │ │ ├── auth.ts # Auth utilities
│ │ │ └── utils.ts
│ │ ├── store/ # Zustand stores
│ │ │ ├── authStore.ts
│ │ │ ├── gateStore.ts
│ │ │ └── ...
│ │ ├── styles/ # Global styles
│ │ │ └── globals.css
│ │ ├── public/ # Static assets
│ │ ├── next.config.js
│ │ ├── tailwind.config.ts
│ │ ├── tsconfig.json
│ │ └── package.json
│ │
│ └── api/ # nextJS Backend
│ └── src/
│ ├── modules/ # Feature modules (unchanged)
│ │ ├── auth/
│ │ ├── users/
│ │ ├── gates/
│ │ ├── visitors/
│ │ ├── maintenance/
│ │ ├── notices/
│ │ ├── biometric/
│ │ ├── polls/
│ │ ├── documents/
│ │ ├── amenities/
│ │ ├── showcase/
│ │ ├── analytics/
│ │ ├── sos/
│ │ └── notifications/
│ ├── common/ # Shared utilities
│ ├── config/
│ └── database/
│
├── packages/ # Shared packages
│ ├── types/ # Shared TypeScript types
│ ├── utils/ # Shared utilities
│ └── config/ # Shared configuration
│
├── docker-compose.yml
├── turbo.json # Turborepo config
└── package.json # Root workspace
apps/api/src/
├── app.module.ts
├── main.ts
│
├── modules/
│ ├── auth/
│ │ ├── auth.module.ts
│ │ ├── auth.controller.ts
│ │ ├── auth.service.ts
│ │ ├── strategies/
│ │ │ ├── jwt.strategy.ts
│ │ │ └── local.strategy.ts
│ │ └── guards/
│ │ ├── jwt-auth.guard.ts
│ │ └── roles.guard.ts
│ │
│ ├── users/
│ │ ├── users.module.ts
│ │ ├── users.controller.ts
│ │ ├── users.service.ts
│ │ └── entities/
│ │ └── user.entity.ts
│ │
│ ├── gates/
│ │ ├── gates.module.ts
│ │ ├── gates.controller.ts
│ │ ├── gates.service.ts
│ │ ├── mqtt/
│ │ │ └── mqtt.service.ts
│ │ └── entities/
│ │ ├── gate.entity.ts
│ │ └── gate-log.entity.ts
│ │
│ ├── visitors/
│ │ ├── visitors.module.ts
│ │ ├── visitors.controller.ts
│ │ ├── visitors.service.ts
│ │ └── entities/
│ │ └── visitor.entity.ts
│ │
│ ├── maintenance/
│ │ ├── maintenance.module.ts
│ │ ├── maintenance.controller.ts
│ │ ├── maintenance.service.ts
│ │ └── entities/
│ │ ├── maintenance-request.entity.ts
│ │ └── maintenance-category.entity.ts
│ │
│ ├── notices/
│ │ ├── notices.module.ts
│ │ ├── notices.controller.ts
│ │ ├── notices.service.ts
│ │ └── entities/
│ │ └── notice.entity.ts
│ │
│ ├── biometric/
│ │ ├── biometric.module.ts
│ │ ├── biometric.controller.ts
│ │ ├── biometric.service.ts
│ │ └── entities/
│ │ └── biometric-log.entity.ts
│ │
│ ├── polls/
│ │ ├── polls.module.ts
│ │ ├── polls.controller.ts
│ │ ├── polls.service.ts
│ │ └── entities/
│ │ ├── poll.entity.ts
│ │ └── poll-vote.entity.ts
│ │
│ ├── documents/
│ │ ├── documents.module.ts
│ │ ├── documents.controller.ts
│ │ ├── documents.service.ts
│ │ └── entities/
│ │ └── document.entity.ts
│ │
│ ├── amenities/
│ │ ├── amenities.module.ts
│ │ ├── amenities.controller.ts
│ │ ├── amenities.service.ts
│ │ └── entities/
│ │ └── amenity.entity.ts
│ │
│ ├── showcase/
│ │ ├── showcase.module.ts
│ │ ├── showcase.controller.ts
│ │ ├── showcase.service.ts
│ │ └── entities/
│ │ └── showcase-item.entity.ts
│ │
│ ├── analytics/
│ │ ├── analytics.module.ts
│ │ ├── analytics.controller.ts
│ │ └── analytics.service.ts
│ │
│ ├── sos/
│ │ ├── sos.module.ts
│ │ ├── sos.controller.ts
│ │ ├── sos.service.ts
│ │ └── entities/
│ │ └── sos-alert.entity.ts
│ │
│ └── notifications/
│ ├── notifications.module.ts
│ ├── notifications.controller.ts
│ ├── notifications.service.ts
│ ├── firebase/
│ │ └── firebase.service.ts
│ └── sms/
│ └── sms.service.ts
│
├── common/
│ ├── decorators/
│ │ ├── roles.decorator.ts
│ │ └── current-user.decorator.ts
│ ├── guards/
│ │ ├── roles.guard.ts
│ │ └── throttle.guard.ts
│ ├── interceptors/
│ │ └── logging.interceptor.ts
│ ├── filters/
│ │ └── http-exception.filter.ts
│ └── pipes/
│ └── validation.pipe.ts
│
├── config/
│ ├── configuration.ts
│ └── config.module.ts
│
└── database/
├── migrations/
└── seeds/
---
Server Component →直接 fetch nextJS API (internal network)
Client Component → SWR → nextJS API (via BFF proxy at /api/[...proxy])
PWA → MQTT.js over WebSocket → MQTT Broker (for IoT)
The `app/api/[...proxy]/route.ts` catches all `/api/*` requests and proxies them to the nextJS backend:
// apps/web/app/api/[...proxy]/route.ts
import { NextRequest, NextResponse } from 'next/server';
const BACKEND_URL = process.env.nextJS_API_URL || 'http://localhost:3001';
async function proxyRequest(request: NextRequest, params: { proxy: string[] }) {
const path = params.proxy.join('/');
const url = `${BACKEND_URL}/api/v1/${path}`;
const response = await fetch(url, {
method: request.method,
headers: {
'Content-Type': request.headers.get('content-type') || 'application/json',
'Authorization': request.headers.get('authorization') || '',
},
body: request.method !== 'GET' && request.method !== 'HEAD'
? await request.text()
: undefined,
});
const data = await response.text();
return new NextResponse(data, {
status: response.status,
headers: { 'Content-Type': response.headers.get('content-type') || 'application/json' },
});
}
export async function GET(request: NextRequest, { params }: { params: { proxy: string[] } }) {
return proxyRequest(request, await params);
}
export async function POST(request: NextRequest, { params }: { params: { proxy: string[] } }) {
return proxyRequest(request, await params);
}
export async function PATCH(request: NextRequest, { params }: { params: { proxy: string[] } }) {
return proxyRequest(request, await params);
}
export async function DELETE(request: NextRequest, { params }: { params: { proxy: string[] } }) {
return proxyRequest(request, await params);
}
#### Authentication
| Method | Endpoint | Description | Auth Required |
|--------|----------|-------------|---------------|
| POST | /api/v1/auth/register | Register new user | No |
| POST | /api/v1/auth/verify-otp | Verify OTP | No |
| POST | /api/v1/auth/login | Login | No |
| POST | /api/v1/auth/refresh | Refresh token | Yes |
| POST | /api/v1/auth/logout | Logout | Yes |
| POST | /api/v1/auth/pin | Set/verify PIN | Yes |
#### Users
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| GET | /api/v1/users | Get all users (project) | Yes | Admin, Manager |
| GET | /api/v1/users/:id | Get user by ID | Yes | Admin, Manager |
| PATCH | /api/v1/users/:id | Update user | Yes | Admin |
| DELETE | /api/v1/users/:id | Delete user | Yes | Admin |
| POST | /api/v1/users/:id/family | Add family member | Yes | Primary |
| DELETE | /api/v1/users/:id/family/:memberId | Remove family member | Yes | Primary |
| POST | /api/v1/users/:id/helpers | Add helper | Yes | Primary |
| DELETE | /api/v1/users/:id/helpers/:helperId | Remove helper | Yes | Primary |
#### Gates
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/gates/:id/open | Open gate | Yes | Resident, Guard |
| GET | /api/v1/gates/:id/status | Get gate status | Yes | All |
| GET | /api/v1/gates/:id/logs | Get gate logs | Yes | Admin, Manager |
| POST | /api/v1/gates/rush-hour | Toggle rush hour | Yes | Guard |
| POST | /api/v1/gates/override | Guard override | Yes | Guard |
#### Visitors
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/visitors/pre-approve | Pre-approve visitor | Yes | Resident |
| GET | /api/v1/visitors | Get visitors list | Yes | Guard, Manager |
| PATCH | /api/v1/visitors/:id/check-in | Check in visitor | Yes | Guard |
| PATCH | /api/v1/visitors/:id/check-out | Check out visitor | Yes | Guard |
| GET | /api/v1/visitors/logs | Get visitor logs | Yes | Admin, Manager |
#### Maintenance
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/maintenance | Create request | Yes | Resident |
| GET | /api/v1/maintenance | Get requests | Yes | All |
| GET | /api/v1/maintenance/:id | Get request by ID | Yes | All |
| PATCH | /api/v1/maintenance/:id/assign | Assign request | Yes | Manager |
| PATCH | /api/v1/maintenance/:id/status | Update status | Yes | Maintenance |
| POST | /api/v1/maintenance/:id/complete | Complete request | Yes | Maintenance |
| POST | /api/v1/maintenance/:id/rate | Rate request | Yes | Resident |
#### Notices
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/notices | Create notice | Yes | Chairman, Secretary, Treasurer |
| GET | /api/v1/notices | Get notices | Yes | All |
| GET | /api/v1/notices/:id | Get notice by ID | Yes | All |
| PATCH | /api/v1/notices/:id | Update notice | Yes | Creator |
| DELETE | /api/v1/notices/:id | Delete notice | Yes | Creator, Admin |
| POST | /api/v1/notices/:id/read | Mark as read | Yes | Resident |
#### Biometric
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/biometric/check-in | Helper check-in | No | Biometric Device |
| POST | /api/v1/biometric/check-out | Helper check-out | No | Biometric Device |
| POST | /api/v1/biometric/register | Register fingerprint | Yes | Manager |
| GET | /api/v1/biometric/logs | Get attendance logs | Yes | Manager, Resident |
| GET | /api/v1/biometric/reports | Get monthly reports | Yes | Manager |
#### Polls
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/polls | Create poll | Yes | Chairman, Secretary, Treasurer |
| GET | /api/v1/polls | Get polls | Yes | All |
| GET | /api/v1/polls/:id | Get poll by ID | Yes | All |
| POST | /api/v1/polls/:id/vote | Vote in poll | Yes | Resident (any family member, one vote per flat) |
| GET | /api/v1/polls/:id/results | Get results | Yes | All |
#### Documents
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/documents | Upload document | Yes | Admin |
| GET | /api/v1/documents | Get documents | Yes | All |
| GET | /api/v1/documents/:id | Get document by ID | Yes | All |
| DELETE | /api/v1/documents/:id | Delete document | Yes | Admin |
#### Amenities
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/amenities | Create amenity | Yes | Admin |
| GET | /api/v1/amenities | Get amenities | Yes | All |
| POST | /api/v1/amenities/:id/book | Book amenity | Yes | Resident |
| GET | /api/v1/amenities/calendar | Get calendar | Yes | All |
#### Showcase
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/showcase | Create item | Yes | Admin |
| GET | /api/v1/showcase | Get items | Yes | All |
| PATCH | /api/v1/showcase/:id | Update item | Yes | Admin |
| DELETE | /api/v1/showcase/:id | Delete item | Yes | Admin |
#### Analytics
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| GET | /api/v1/analytics/gate-usage | Gate usage analytics | Yes | Admin, Manager |
| GET | /api/v1/analytics/attendance | Attendance reports | Yes | Admin, Manager |
| GET | /api/v1/analytics/maintenance | Maintenance trends | Yes | Admin, Manager |
| GET | /api/v1/analytics/export | Export report | Yes | Admin |
#### SOS
| Method | Endpoint | Description | Auth Required | Roles |
|--------|----------|-------------|---------------|-------|
| POST | /api/v1/sos/trigger | Trigger SOS | Yes | Admin, Manager, Guard |
| PATCH | /api/v1/sos/dnd-override | Toggle DND override | Yes | Admin, Manager, Guard |
| GET | /api/v1/sos/logs | Get SOS logs | Yes | Admin |
| GET | /api/v1/sos/:id/acknowledgments | Get acknowledgments | Yes | Admin |
---
-- Organizations (PJA)
CREATE TABLE organizations (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
name VARCHAR(255) NOT NULL,
logo_url VARCHAR(500),
settings JSONB,
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- Projects (Manorama, Future Projects)
CREATE TABLE projects (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
organization_id UUID REFERENCES organizations(id),
name VARCHAR(255) NOT NULL,
address TEXT,
city VARCHAR(100),
total_units INTEGER,
towers JSONB,
features JSONB, -- Feature toggle configuration
settings JSONB,
status VARCHAR(20) DEFAULT 'active',
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- Users (All user types)
CREATE TABLE users (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
organization_id UUID REFERENCES organizations(id),
project_id UUID REFERENCES projects(id),
flat_id UUID,
mobile VARCHAR(15) UNIQUE NOT NULL,
email VARCHAR(255),
name VARCHAR(255) NOT NULL,
role VARCHAR(50) NOT NULL, -- primary_member, family_member, helper, guard, manager, admin, chairman, secretary, treasurer
pin_hash VARCHAR(255),
device_fingerprint VARCHAR(500),
is_active BOOLEAN DEFAULT true,
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- Flats
CREATE TABLE flats (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
tower VARCHAR(50),
flat_number VARCHAR(50) NOT NULL,
floor INTEGER,
owner_id UUID REFERENCES users(id),
occupancy_type VARCHAR(20), -- owner, tenant
status VARCHAR(20) DEFAULT 'occupied', -- occupied, vacant, sold
created_at TIMESTAMP DEFAULT NOW()
);
-- Family Members (linked to primary member)
CREATE TABLE family_members (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
primary_member_id UUID REFERENCES users(id),
user_id UUID REFERENCES users(id),
relationship VARCHAR(100),
created_at TIMESTAMP DEFAULT NOW()
);
-- Helpers (linked to primary member)
CREATE TABLE helpers (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
primary_member_id UUID REFERENCES users(id),
user_id UUID REFERENCES users(id),
helper_type VARCHAR(50), -- maid, driver, cook, other
has_gate_access BOOLEAN DEFAULT false,
biometric_id VARCHAR(100),
created_at TIMESTAMP DEFAULT NOW()
);
-- Gates
CREATE TABLE gates (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
name VARCHAR(100) NOT NULL,
location VARCHAR(255),
iot_device_id VARCHAR(100),
mqtt_topic VARCHAR(255),
status VARCHAR(20) DEFAULT 'active',
is_online BOOLEAN DEFAULT true,
created_at TIMESTAMP DEFAULT NOW()
);
-- Gate Logs
CREATE TABLE gate_logs (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
gate_id UUID REFERENCES gates(id),
user_id UUID,
action VARCHAR(50), -- open, close, override
method VARCHAR(50), -- app, pin, guard, rush_hour, physical
device_id VARCHAR(100),
timestamp TIMESTAMP DEFAULT NOW(),
metadata JSONB
);
-- Visitors
CREATE TABLE visitors (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
gate_id UUID REFERENCES gates(id),
flat_id UUID REFERENCES flats(id),
name VARCHAR(255) NOT NULL,
phone VARCHAR(15),
purpose VARCHAR(255),
photo_url VARCHAR(500),
status VARCHAR(20) DEFAULT 'pending', -- pending, approved, checked_in, checked_out
pre_approved BOOLEAN DEFAULT false,
checked_in_at TIMESTAMP,
checked_out_at TIMESTAMP,
created_at TIMESTAMP DEFAULT NOW()
);
-- Maintenance Requests
CREATE TABLE maintenance_requests (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
flat_id UUID REFERENCES flats(id),
requested_by UUID REFERENCES users(id),
assigned_to UUID REFERENCES users(id),
category VARCHAR(50) NOT NULL, -- plumbing, electrical, civil, lift, painting, pest_control, other
priority VARCHAR(20) DEFAULT 'medium', -- low, medium, high, urgent
status VARCHAR(20) DEFAULT 'open', -- open, assigned, in_progress, completed, rated, closed
description TEXT,
photo_urls JSONB,
completion_photo_url VARCHAR(500),
completion_notes TEXT,
resident_rating INTEGER,
resident_feedback TEXT,
manager_rating INTEGER,
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- Notices
CREATE TABLE notices (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
created_by UUID REFERENCES users(id),
title VARCHAR(255) NOT NULL,
content TEXT NOT NULL,
category VARCHAR(50), -- maintenance, events, water_power, general
priority VARCHAR(20) DEFAULT 'normal', -- normal, important, emergency
target_audience JSONB, -- { type: "all" | "tower" | "flat", value: "..." }
is_published BOOLEAN DEFAULT false,
published_at TIMESTAMP,
expires_at TIMESTAMP,
created_at TIMESTAMP DEFAULT NOW()
);
-- Notice Reads
CREATE TABLE notice_reads (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
notice_id UUID REFERENCES notices(id),
user_id UUID REFERENCES users(id),
read_at TIMESTAMP DEFAULT NOW()
);
-- Biometric Logs
CREATE TABLE biometric_logs (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
helper_id UUID REFERENCES helpers(id),
device_id VARCHAR(100),
action VARCHAR(20), -- check_in, check_out
timestamp TIMESTAMP DEFAULT NOW(),
synced BOOLEAN DEFAULT true
);
-- Polls
CREATE TABLE polls (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
created_by UUID REFERENCES users(id),
question TEXT NOT NULL,
options JSONB NOT NULL, -- [{ id, text }]
deadline TIMESTAMP,
status VARCHAR(20) DEFAULT 'active', -- active, closed, cancelled
created_at TIMESTAMP DEFAULT NOW()
);
-- Poll Votes
CREATE TABLE poll_votes (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
poll_id UUID REFERENCES polls(id),
flat_id UUID REFERENCES flats(id),
user_id UUID REFERENCES users(id),
option_id VARCHAR(50) NOT NULL,
voted_at TIMESTAMP DEFAULT NOW()
);
-- Documents
CREATE TABLE documents (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
title VARCHAR(255) NOT NULL,
description TEXT,
file_url VARCHAR(500) NOT NULL,
category VARCHAR(100),
uploaded_by UUID REFERENCES users(id),
is_visible BOOLEAN DEFAULT true,
created_at TIMESTAMP DEFAULT NOW()
);
-- Amenities
CREATE TABLE amenities (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
name VARCHAR(255) NOT NULL,
description TEXT,
type VARCHAR(50), -- hall, terrace, conference_room, garden, gym, pool
is_paid BOOLEAN DEFAULT false,
booking_fee DECIMAL(10,2),
status VARCHAR(20) DEFAULT 'active',
created_at TIMESTAMP DEFAULT NOW()
);
-- Amenity Bookings
CREATE TABLE amenity_bookings (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
amenity_id UUID REFERENCES amenities(id),
flat_id UUID REFERENCES flats(id),
booked_by UUID REFERENCES users(id),
event_name VARCHAR(255),
booking_date DATE NOT NULL,
start_time TIME,
end_time TIME,
status VARCHAR(20) DEFAULT 'confirmed', -- confirmed, cancelled
created_at TIMESTAMP DEFAULT NOW()
);
-- Showcase Items
CREATE TABLE showcase_items (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
organization_id UUID REFERENCES organizations(id),
project_id UUID, -- NULL for organization-wide
title VARCHAR(255) NOT NULL,
description TEXT,
image_url VARCHAR(500),
link_url VARCHAR(500),
button_text VARCHAR(100),
display_order INTEGER,
is_active BOOLEAN DEFAULT true,
created_at TIMESTAMP DEFAULT NOW(),
updated_at TIMESTAMP DEFAULT NOW()
);
-- SOS Alerts
CREATE TABLE sos_alerts (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
triggered_by UUID REFERENCES users(id),
message TEXT,
dnd_override BOOLEAN DEFAULT true, -- SOS always overrides DND
dnd_override_enabled_by UUID REFERENCES users(id), -- Who toggled DND override
triggered_at TIMESTAMP DEFAULT NOW(),
acknowledged_count INTEGER DEFAULT 0,
total_residents INTEGER
);
-- SOS Acknowledgments
CREATE TABLE sos_acknowledgments (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
sos_id UUID REFERENCES sos_alerts(id),
user_id UUID REFERENCES users(id),
acknowledged_at TIMESTAMP DEFAULT NOW()
);
-- Audit Logs
CREATE TABLE audit_logs (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
project_id UUID REFERENCES projects(id),
user_id UUID,
action VARCHAR(100) NOT NULL,
entity_type VARCHAR(50),
entity_id UUID,
old_value JSONB,
new_value JSONB,
ip_address VARCHAR(45),
device_info JSONB,
created_at TIMESTAMP DEFAULT NOW()
);
| Key Pattern | TTL | Purpose |
|-------------|-----|---------|
| `user:{userId}:session` | 24 hours | User session data |
| `user:{userId}:pin_attempts` | 5 minutes | PIN attempt counter |
| `gate:{gateId}:status` | 5 seconds | Real-time gate status |
| `project:{projectId}:features` | 1 hour | Feature toggle cache |
| `notice:{noticeId}:reads` | 24 hours | Read receipt counter |
| `visitor:{flatId}:active` | 24 hours | Active visitors for flat |
| `rush_hour:{projectId}` | Until disabled | Rush hour mode status |
---
pja/{project_id}/gate/{gate_id}/open -- Gate open command
pja/{project_id}/gate/{gate_id}/close -- Gate close command
pja/{project_id}/gate/{gate_id}/status -- Gate status updates
pja/{project_id}/gate/{gate_id}/health -- Device health check
pja/{project_id}/biometric/check-in -- Biometric check-in event
pja/{project_id}/biometric/check-out -- Biometric check-out event
pja/{project_id}/sos/trigger -- SOS trigger
pja/{project_id}/guard/override -- Guard override
ESP32 Boot
│
├─ Connect to WiFi
├─ Connect to MQTT Broker (TLS)
├─ Subscribe to: pja/{project}/gate/{gate_id}/open
├─ Subscribe to: pja/{project}/gate/{gate_id}/close
│
▼
WAITING FOR MESSAGES
│
├─ On "open" message:
│ ├── Validate payload (user_id, device_id, pin_hash)
│ ├── Activate relay (HIGH signal)
│ ├── Wait 2 seconds
│ ├── Deactivate relay (LOW signal)
│ ├── Publish status: { status: "opened", timestamp }
│ └── Log to local storage
│
├─ On "close" message:
│ ├── Validate payload
│ ├── Activate relay (for closing mechanism)
│ ├── Publish status: { status: "closed", timestamp }
│ └── Log to local storage
│
└─ Periodic health check (every 60 seconds):
├── Publish: { status: "online", uptime, free_heap }
└── If WiFi/MQTT disconnect: Attempt reconnection
| Measure | Implementation |
|---------|----------------|
| MQTT Encryption | TLS 1.3 on all MQTT connections |
| Payload Signing | HMAC-SHA256 signature on all gate commands |
| Device Authentication | Each ESP32 has unique certificate |
| Rate Limiting | Maximum 10 gate operations per minute per device |
| Fallback | Physical button always works, zero app dependency |
| Tamper Detection | ESP32 detects physical tampering and alerts |
---
┌──────────────────────────────────────────────────────────────────────────┐
│ AWS / GCP CLOUD │
├──────────────────────────────────────────────────────────────────────────┤
│ │
│ ┌─────────────────────────────────────────────────────────────────┐ │
│ │ Vercel (Next.js) │ │
│ │ ┌──────────────┐ ┌──────────────┐ │ │
│ │ │ Admin Portal │ │ PWA │ │ │
│ │ │ (SSR/SSG) │ │ (Service │ │ │
│ │ │ │ │ Worker) │ │ │
│ │ └──────────────┘ └──────────────┘ │ │
│ │ - Edge functions │ │
│ │ - Automatic preview deploys │ │
│ │ - Global CDN (Vercel Edge Network) │ │
│ └─────────────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────┴───────────────────────────────────┐ │
│ │ Application Load Balancer │ │
│ │ (SSL termination, routing) │ │
│ └─────────────────────────────┬───────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────┴───────────────────────────────────┐ │
│ │ ECS / Cloud Run │ │
│ │ │ │
│ │ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ │
│ │ │ nextJS │ │ nextJS │ │ nextJS │ │ │
│ │ │ Container │ │ Container │ │ Container │ │ │
│ │ │ (Replica 1)│ │ (Replica 2)│ │ (Replica 3)│ │ │
│ │ └────────────┘ └────────────┘ └────────────┘ │ │
│ │ │ │
│ └────────────────────────────────────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────┴───────────────────────────────────┐ │
│ │ Data Layer │ │
│ │ │ │
│ │ ┌────────────┐ ┌────────────┐ ┌────────────┐ │ │
│ │ │ PostgreSQL │ │ Redis │ │ S3 │ │ │
│ │ │ (RDS) │ │ (ElastiCache)│ │ (Buckets) │ │ │
│ │ └────────────┘ └────────────┘ └────────────┘ │ │
│ │ │ │
│ └────────────────────────────────────────────────────────────────┘ │
│ │
│ ┌────────────────────────────────────────────────────────────────┐ │
│ │ EC2 / Compute Engine │ │
│ │ │ │
│ │ ┌────────────┐ │ │
│ │ │ Mosquitto │ │ │
│ │ │ MQTT Broker│ │ │
│ │ └────────────┘ │ │
│ │ │ │
│ └────────────────────────────────────────────────────────────────┘ │
│ │
└──────────────────────────────────────────────────────────────────────────┘
Code Push to GitHub
│
├─ GitHub Actions Workflow Triggered
│
├─ Stage 1: Lint & Type Check
│ ├── ESLint (code quality)
│ ├── TypeScript compilation check
│ └── Prettier formatting check
│
├─ Stage 2: Unit Tests
│ ├── Jest test suite
│ └── Coverage report
│
├─ Stage 3: Build
│ ├── Build nextJS backend (next build)
│ ├── Build Next.js web app (next build)
│ ├── Build Docker images
│ └── Push to container registry
│
├─ Stage 4: Security Scan
│ ├── Snyk vulnerability scan
│ ├── OWASP dependency check
│ └── Container security scan
│
├─ Stage 5: Deploy to Staging
│ ├── Deploy Next.js to Vercel (preview)
│ ├── Deploy nextJS to ECS/Cloud Run (staging)
│ ├── Run integration tests
│ └── Smoke tests
│
├─ Stage 6: Manual Approval
│ └── Team lead approval
│
└─ Stage 7: Deploy to Production
├── Deploy Next.js to Vercel (production)
├── Deploy nextJS to ECS/Cloud Run (production)
├── Database migrations
├── Health checks
└── Rollback if failed
---
| Component | Tool | Purpose |
|-----------|------|---------|
| Application Monitoring | New Relic / Datadog | Performance monitoring |
| Log Aggregation | ELK Stack / CloudWatch Logs | Centralized logging |
| Error Tracking | Sentry | Error capture and alerting |
| Uptime Monitoring | Pingdom / UptimeRobot | Availability monitoring |
| Infrastructure Monitoring | CloudWatch / Stackdriver | Server and DB metrics |
| IoT Monitoring | Custom dashboard | Device health and connectivity |
| Metric | Target | Alert Threshold |
|--------|--------|-----------------|
| API Response Time (p95) | < 500ms | > 1000ms |
| API Error Rate | < 0.1% | > 1% |
| Gate Open Response Time | < 1 second | > 2 seconds |
| MQTT Message Delivery | > 99.9% | < 99% |
| Database Connection Pool | < 80% | > 90% |
| Redis Memory Usage | < 70% | > 85% |
| Container CPU Usage | < 70% | > 85% |
| Container Memory Usage | < 80% | > 90% |
| S3 Storage | Monitor growth | > 100GB |
| Active MQTT Connections | Monitor count | Unexpected drops |
| Alert | Condition | Severity | Notification |
|-------|-----------|----------|--------------|
| API Down | 3 consecutive failures | Critical | SMS + Email + Slack |
| High Error Rate | > 5% for 5 minutes | High | Email + Slack |
| Gate IoT Offline | Device not responding for 2 minutes | High | SMS + Email |
| Database Slow Query | > 2 seconds | Medium | Email |
| High Memory Usage | > 90% for 10 minutes | Medium | Email |
| SSL Certificate Expiry | < 30 days | Low | Email |
| Backup Failure | Any failure | High | SMS + Email |
---
┌─────────────────────────────────────────────────────────────────┐
│ SECURITY LAYERS │
├─────────────────────────────────────────────────────────────────┤
│ │
│ Layer 1: Network Security │
│ ├── WAF (Web Application Firewall) │
│ ├── DDoS Protection (AWS Shield / Cloudflare) │
│ ├── VPC Isolation │
│ └── Security Groups (port restrictions) │
│ │
│ Layer 2: Transport Security │
│ ├── TLS 1.3 on all connections │
│ ├── HSTS headers │
│ ├── Certificate pinning (mobile app) │
│ └── MQTT over TLS │
│ │
│ Layer 3: Application Security │
│ ├── JWT authentication with short expiry │
│ ├── Rate limiting (100 req/min per user) │
│ ├── Input validation (class-validator) │
│ ├── SQL injection prevention (Prisma ORM) │
│ ├── XSS prevention (output encoding) │
│ └── CORS configuration │
│ │
│ Layer 4: Data Security │
│ ├── AES-256 encryption at rest │
│ ├── Field-level encryption for sensitive data │
│ ├── Database encryption (RDS encryption) │
│ ├── S3 bucket encryption │
│ └── Redis encryption at rest │
│ │
│ Layer 5: Access Control │
│ ├── Role-Based Access Control (RBAC) │
│ ├── Multi-tenant data isolation │
│ ├── Device verification (fingerprinting) │
│ ├── PIN verification for gate operations │
│ └── Session management with auto-logout │
│ │
│ Layer 6: Audit & Compliance │
│ ├── Complete audit trail for all operations │
│ ├── Immutable audit logs │
│ ├── DPDP Act 2023 compliance │
│ ├── GDPR compliance framework │
│ └── Regular security audits │
│ │
└─────────────────────────────────────────────────────────────────┘
-- Every query includes project_id filter
-- Example: Get all users for a project
SELECT * FROM users WHERE project_id = $1;
-- Prisma middleware enforces tenant isolation
-- Cannot access data from other projects
-- Even admins cannot cross tenant boundaries without explicit query
---
| Component | Scaling Strategy |
|-----------|-----------------|
| API Server | Auto-scaling based on CPU/request count |
| PostgreSQL | Read replicas + connection pooling |
| Redis | Cluster mode for horizontal scaling |
| S3 | Unlimited storage (auto-scaling) |
| MQTT | Mosquitto cluster for high availability |
| Technique | Implementation |
|-----------|----------------|
| Caching | Redis for frequently accessed data |
| CDN | CloudFront for static assets |
| Database Indexing | Optimized indexes for common queries |
| Connection Pooling | PgBouncer for PostgreSQL connections |
| Lazy Loading | Mobile app loads data on demand |
| Image Optimization | S3 + CloudFront image resizing |
| API Pagination | Cursor-based pagination for large datasets |
| Scenario | Target |
|----------|--------|
| Concurrent API Users | 1000+ |
| Gate Operations per Second | 100+ |
| MQTT Messages per Second | 500+ |
| Database Queries per Second | 1000+ |
| File Uploads per Minute | 50+ |