Univent

<sub>ucode connect uevent "Univent" is the project of ucode connect the Track FullStack programming bootcamp
lasting 5 weeks (March 31, 2025 - May 2, 2025),
where the NestJS with TypeScript and React with Next.js were used to develop the event ticketing service.

The purpose: create an event ticketing service to unite people with the same interests
using the whole cycle of Challenge Based Learning framework with a team.</sub>

📑 Table of Contents

• 🗓️ About "Univent" Platform
• 🧑‍💻 Team
• 🗓 About "Univent" Admin Panel
• 🎯 Features and Functionality
  • 🔐 Authentication & Authorization
  • 👥 User Management
  • 🎪 Event Management
  • 🗄️ Database Management
  • 🛡️ Security Features
  • 🖥️ Administrative Interface
  • 📱 Session Management
  • 🔧 CORS Configuration
• ⚙️ Requirements and Dependencies
• 🚀 How to Run the Solution
• 👤 Admin Credentials

🗓️ About "Univent" Platform

Univent is a platform for creating, attending and managing events!

Organise events with interactive maps, buy tickets, use promo codes and receive notifications.

A user-friendly profile for everyone - from organisers to guests.

Here is a link to the presentation file.

🧑‍💻 Team

Inessa Repeshko

Andrew Laskevych

🗓 About "Univent" Admin Panel

The Univent Admin Panel is a secure, web-based administrative interface built with NestJS and AdminJS to manage the Univent event platform. It provides administrators with tools to manage users, companies, events, payments, and other data.

The admin panel connects directly to the MySQL database, offering CRUD operations through an intuitive AdminJS interface. Key features include admin-only authentication with email verification, secure session management using file-based storage, and comprehensive security headers for protection against common web vulnerabilities.

🎯 Features and Functionality

Univent Admin Panel provides the following administrative capabilities:

🔐 Authentication & Authorization

• Secure admin authentication with email and password validation
• Role-based access control (admin users only with verified email)
• Password hashing using bcrypt for secure credential storage
• Session-based authentication with AdminJS integration
• Database-driven user authentication against MySQL users table

👥 User Management

• View and manage user accounts through AdminJS interface
• User profile information display (email, first_name, last_name, role)
• Email verification status monitoring (is_email_verified field)
• User creation timestamps tracking (created_at, updated_at)
• Sensitive data protection (passwords and profile pictures hidden from interface)
• Read-only view for timestamp fields

🎪 Event Management

• Event Formats: Management of event format types (id, title)
• Event Themes: Administration of event theme categories (id, title)
• CRUD operations for event formats and themes
• Read-only timestamp tracking for event-related data

🗄️ Database Management

• Direct MySQL database connection using @adminjs/sql adapter
• Database migration tracking through _prisma_migrations table (read-only)
• SSL/TLS connection support for remote database access
• Connection timeout configuration (60 seconds)
• Automatic fallback configuration if database connection fails

🛡️ Security Features

• Security headers middleware implementation:
  • X-Frame-Options: SAMEORIGIN (clickjacking prevention)
  • X-Content-Type-Options: nosniff (MIME type sniffing protection)
  • X-XSS-Protection: 1; mode=block (XSS protection)
  • Referrer-Policy: strict-origin-when-cross-origin
  • Content Security Policy (basic implementation)
• Secure cookie configuration with httpOnly and sameSite
• Environment-based security configuration
• Cookie parser integration with secret key

🖥️ Administrative Interface

• AdminJS-powered web interface at /admin route
• Custom branding with Univent logos and company name
• Responsive interface with built-in CRUD operations
• Custom resource configuration for each database table
• Automated redirect from root path to admin panel
• Static file serving for public assets (logos, favicon)

📱 Session Management

• File-based session storage using session-file-store
• Memory-based sessions for development environment
• Configurable session timeout (24 hours)
• Session rolling on activity
• Secure session configuration:
  • HttpOnly cookies
  • SameSite protection
  • Environment-specific secure flag
• Automatic sessions directory creation in production

🔧 CORS Configuration

• Environment-specific allowed origins
• Comprehensive headers support
• Cookie credentials enabled
• Multiple HTTP methods support (GET, POST, PUT, DELETE, PATCH, OPTIONS)

⚙️ Requirements and Dependencies

Before starting, ensure the required technologies are installed.

• Node.JS >= v18.0
• NPM >= v8.0
• MySQL >= 8.0
• TypeScript >= v5.0

🚀 How to Run the Solution

1. Run the "Univent" Backend project.
2. Clone this repository and move to the project directory:

   git clone <repository-url> univent-admin
   cd univent-admin

3. Install all dependencies:

   npm install

4. Configure the environment file:
   • Locate the .env.development.example file in the root of the project.
   • Rename .env.development.example to .env.development.
   • Open .env.development and add your data in the appropriate fields:

     DATABASE_HOST=localhost
     DATABASE_PORT=3306
     DATABASE_USER=your_db_user
     DATABASE_PASSWORD=your_db_password
     DATABASE_NAME=univent
     
     # Admin credentials
     ADMIN_EMAIL=admin@univent.com
     ADMIN_PASSWORD=Password123!$
     
     # Security
     COOKIE_SECRET=your_cookie_secret_key

5. Build the project:

   npm run build

6. Start the development server:

   npm run start:dev

7. Access the admin panel at http://localhost:8000/admin.

👤 Admin Credentials

Default admin credentials for testing: Email:

admin@univent.com

Password:

Password123!$

---

© Inessa Repeshko. 2025