Real-time support analytics for NGOs and social sector organizations.
Two Portals:
- Support Engineer Portal: Real-time dashboard, tickets, reports, RFT metrics
- Leadership Portal: Partner health, trends analysis, metrics, implementations
Key Features:
- β Free forever ($0/month)
- β Role-based access control
- β Auto-sync with Freshdesk
- β Mobile responsive
- β Production ready
Stack:
- Frontend: Next.js 16 + React 19 + TypeScript
- Backend: Fastify + Prisma + PostgreSQL
- Auth: Firebase Authentication
- Hosting: Vercel (frontend) + Render (backend) + Supabase (database)
SUPPORT/
βββ backend/
β βββ src/
β β βββ analytics/ # Metrics computation
β β βββ config/ # Environment configuration
β β βββ jobs/ # Scheduled jobs (weekly ingestion)
β β βββ persistence/ # Database repositories
β β βββ routes/ # API endpoints
β β βββ services/ # External service integrations
β β β βββ freshdesk/ # Freshdesk API client
β β β βββ metabase/ # Metabase API client
β β β βββ google-sheets/ # Google Sheets integration
β β β βββ secure-config/ # Encrypted config manager
β β βββ utils/ # Shared utilities
β βββ prisma/ # Database schema
β βββ .env # Environment variables
β
βββ frontend/
β βββ src/
β β βββ app/ # Next.js pages
β β β βββ page.tsx # Dashboard
β β β βββ rft/ # RFT Metrics page
β β β βββ settings/ # Settings page
β β βββ components/
β β β βββ dashboard/ # Dashboard components
β β β βββ layout/ # Layout components
β β β βββ ui/ # shadcn/ui components
β β βββ lib/ # Utilities and API client
β βββ .env.local # Frontend environment
β
βββ README.md # This file
Executive Intelligence Platform:
- Partner Health: Risk scoring, engagement patterns, ticket volume trends
- Metrics Dashboard: Program risk, adoption signals, support capacity
- Trends Analysis: Ticket type distribution, company breakdown, tag analysis, timeline charts
- Analytics Hub: Metabase dashboard cards with category filtering
- Weekly Summary: Top risks, partners to watch, recommended actions
Date Filtering:
- Dynamic date ranges: 30d, 90d, 6m, 12m, custom
- Applied across Partners, Metrics, Trends pages
- Real-time data updates based on selected range
Last 30 Tickets History:
- Auto-updating table (syncs every Friday 4:30 PM IST)
- CSV export matching operational dashboard format
- Available in both leadership and support portals
Implementation:
- Frontend: Firebase Client SDK (email/password)
- Backend: Firebase Admin SDK with Base64-encoded private key
- Token Flow: ID token attached via Axios interceptor on every request
- Verification: Backend validates token before data access
- Multi-User: Concurrent sessions supported, each request independently validated
Role-Based Access Control:
- Support Engineer: Dashboard, tickets, reports, engineer hours
- Leadership: All support features + partner health, trends, metrics, analytics
- Founder: All features + weekly summary, full system access
Security Measures:
- β
Per-route role verification (
requireLeadership,requireFounder) - β Token verification on every request (stateless JWT)
- β Rate limiting: 10 req/min (sensitive), 100 req/min (global)
- β No sensitive data logged (tokens masked, BigInt serialization fixed)
- β CORS configured for frontend domain only
Business Rule: Only ONE year of data visible at any time (current year).
Implementation:
// Backend: No DB query needed - pure calculation
export async function getAvailableYears(): Promise<number[]> {
return [new Date().getFullYear()]; // Always returns [2025] in 2025
}
// Frontend: Year calculated from current date
function getValidYear(): number {
return new Date().getFullYear();
}Auto-Adjustment:
- Jan 1, 2026: Year automatically becomes 2026 (no code changes)
- Jan 1, 2027: Year automatically becomes 2027 (no code changes)
Data Retention:
- Current year data persists in database
- Old data cleanup can be scheduled (manual trigger for safety)
- All operations logged in immutable audit trail
Why This Approach:
- β Zero maintenance (no hardcoded years)
- β No database queries for year selection
- β Prevents stale data in UI
- β Future-proof (works forever)
- Year & Weekly Views: Toggle between year-to-date and current week data
- Auto-refresh: Data refreshes every 5 minutes automatically
- Priority Distribution: Visual breakdown of ticket priorities
- Status Overview: Open, pending, resolved, closed tickets
- Top Companies: Companies with most support requests
- Unresolved by Group: Tickets pending by support group
- Empty State Handling: Clear messaging when no data available
Pre-defined questions with instant answers:
- Total tickets received this year
- Tickets created this week
- Currently unresolved tickets
- Top company by ticket volume
- Urgent/high priority open tickets
- RFT (Rule Failure Telemetry) status
- Ticket resolution rate
- Auto-generated report format for Google Sheets
- Engineer hours tracking (name + hours only)
- Tags analysis for ticket categorization
- Copy-to-clipboard functionality
- Secure credential management (AES-256 encrypted)
- Freshdesk API key configuration
- Metabase email/password configuration
- Google Sheets integration URL
- Activity logs with immutable audit trail
- Audit log viewer with JSON export
Layer 1: Network Security
- HTTPS enforced (Vercel + Render SSL)
- CORS configured for frontend domain only
- Security headers: X-Frame-Options, CSP, HSTS
Layer 2: Authentication
- Firebase token verification on every request
- No session cookies (stateless JWT)
- Token rotation: 1-hour expiry
Layer 3: Authorization
- Per-route middleware (no global blocking)
- Early return on auth failure (prevents data leaks)
- Rate limiting: 10 req/min (year switches), 100 req/min (global)
Layer 4: Input Validation
- SQL Injection: Prisma ORM + regex validation
- XSS: Input sanitization on all user inputs
- Path Traversal: Whitelist validation