This project is a privacy-first visitor management system designed for large campuses (colleges, universities, corporate parks). It enables secure visitor entry, access control, and auditability without exposing personal data unnecessarily .
The system was built as part of H2TS 2.0 (Hack2TechSustain) , aligned with:
- SDG 11 : Sustainable Cities & Communities
- SDG 16 : Peace, Justice & Strong Institutions
Traditional visitor entry systems:
- Collect excessive personal data
- Use manual registers
- Lack uniform access control
- Are prone to privacy leaks
- Centralized policy enforcement
- Role-based access areas
- Token / QR-based entry
- Admin-controlled approvals
- Secure backend-driven operations
- Apply for campus entry via a clean web form
- Select visit date, time, ID type, and required access areas
- Track application status (Pending / Approved / Rejected)
- Receive email notification on approval/rejection
- Get QR-code based entry token after approval
- View all visitor requests in a structured table
- Approve or reject requests
- Manage access areas dynamically
- Remove or add access areas using chip-based UI
- Automated email + QR code generation
- No database access from frontend
- All Supabase operations via backend only
- Controlled admin actions
- Minimal data exposure
- Audit-friendly design
- React (Vite)
- CSS (White theme, minimal UI)
- Axios
- Node.js
- Express.js
- Supabase (PostgreSQL)
- Nodemailer (email notifications)
- QRCode (token generation)
blastorz/
│
├── frontend/
│ ├── src/
│ │ ├── api/
│ │ │ └── api.js
│ │ ├── pages/
│ │ │ ├── visitor/
│ │ │ │ ├── Apply.jsx
│ │ │ │ └── apply.css
│ │ │ └── admin/
│ │ │ ├── Dashboard.jsx
│ │ │ └── admin.css
│ │ ├── App.jsx
│ │ └── main.jsx
│ └── package.json
│
├── backend/
│ ├── src/
│ │ ├── config/
│ │ │ ├── supabase.js
│ │ │ └── mail.js
│ │ ├── controllers/
│ │ │ ├── visitor.controller.js
│ │ │ └── admin.controller.js
│ │ ├── routes/
│ │ │ ├── visitor.routes.js
│ │ │ └── admin.routes.js
│ │ ├── app.js
│ │ └── server.js
│ └── package.json
│
└── README.md
- Visitor submits application
- backend stores request in Supabase (status: Pending)
- Admin reviews request
- Admin approves or rejects
- Email notification is sent
- On approval, QR token is generated
- Visitor uses QR for entry
cd backend
npm install
npm run dev
cd frontend
npm install
npm run dev
Open:
- Visitor Apply Page →
<span>http://localhost:5173/apply</span> - Admin Dashboard →
<span>http://localhost:5173/admin</span>
{
"name": "Alice",
"phone": "9876543210",
"email": "[email protected]",
"purpose": "Workshop",
"visit_date": "2025-12-20",
"in_time": "09:00",
"out_time": "12:00",
"id_type": "Aadhaar",
"id_hash": "XXXX-XXXX-XXXX",
"access_areas": ["CSE", "Library"]
}
- id (UUID)
- name
- phone
- purpose
- visit_date
- in_time
- out_time
- status
- access_areas (array)
- id_type
- id_hash
- id_verified
- created_at
- UUID is used internally as QR token
- Admin dashboard hides UUID from UI
- Access areas are dynamically manageable
This project demonstrates a realistic, scalable, and privacy-conscious visitor management system suitable for campuses, enterprises, and secure facilities.
Built with simplicity, security, and sustainability in mind.
👨💻 Team: Blastorz 🏆 Event: Hack2TechSustain (H2TS 2.0)