calibur
Back to Inventory
ShippedFinance / Web App

MIS 20 Fund

Production Django app digitizing a university batch welfare fund with automated receipts.

Django 6PostgreSQLReportLabGoogle Sheets APIGmail SMTPCloudflare TunnelTailscaleWaitress
View Source

The Problem

The batch welfare fund was managed in notebooks, cash envelopes, and verbal records — no audit trail, no payment receipts for members, and no transparency for non-committee members. 100+ batch members had zero visibility into the fund balance or their own contribution history.

The Solution

A production Django app where every contribution or donation triggers a four-step signal pipeline: PDF receipt generation (ReportLab), email delivery (Gmail SMTP), Google Sheets sync, and member-total cache update. The admin panel sits behind a Tailscale VPN with CIDR-based IP-restriction middleware, and a REST API powers the MIS Department Portal.

Key Features

  • Member portal: dashboard, transaction history, member directory, profile
  • Committee dashboard: ledger, fund summary, missing-contribution tracker
  • Automated PDF receipts (Black & Gold theme, 4×7.2 inch, ReportLab)
  • Google Sheets sync to per-type worksheets (contributions, donations, expenses)
  • Email notifications with HTML body + PDF attachment via Gmail SMTP
  • REST API with X-API-Key auth (dashboard / personal / full ledger)
  • Tailscale-VPN-restricted /admin/ via custom CIDR middleware

Technical Challenges

01 · Custom Primary Key for Auth

Django's AbstractUser auto-generates integer PKs, but the system needs university roll numbers as primary keys. Solution: extended AbstractUser, set USERNAME_FIELD = 'id', wrote a custom MemberManager, and locked down the admin to enforce read-only on the PK column.

02 · Atomic Signal Pipeline

After every transaction, four steps must run: cache update, PDF, email, Sheets sync. One failure can't block the others. Solution: each step lives in an independent try/except block with structured logging, so a Sheets timeout never breaks receipt delivery.

03 · Google Sheets Deduplication

Network timeouts can leave records flagged unsynced even when Sheets received them. Solution: Sheets is treated as append-only and Django DB is the source of truth; a resync management command safely retries unsynced records without ever creating duplicates.

04 · Admin Panel Security

The admin runs on a public domain and is a brute-force magnet. Solution: custom middleware intercepts every /admin/ request, parses X-Forwarded-For for the real client IP, and only allows localhost or Tailscale VPN IPs (100.64.0.0/10).

Future Scope

  • Mobile companion for committee field entry
  • Expense reimbursement workflow
  • Annual audit-report PDF generator
← All projectsDiscuss this project