CoffeeBreak Platform

A comprehensive event management platform designed to streamline event organization, attendee management, and real-time event coordination. Built as part of the Project of Informatics course at University of Aveiro.

Overview

CoffeeBreak is a modern event management solution that combines a robust backend API, an intuitive admin interface, and a user-friendly event application. The platform emphasizes security, scalability, and developer experience through containerization and modern authentication patterns.

Production Deployments

Currently running in production for multiple events:

2025:

• TEDxAveiro 2025 - Technology conference
• DETIConnect 2025 - Department networking event

2026 (Scheduled):

• DETI4DEVs 2026 - Developer conference
• ThinkTwice 2026 - Innovation showcase

The platform has proven its reliability managing real-world events, handling attendee registration, check-ins, and real-time coordination. Continuous improvements based on production feedback from organizers and attendees.

Architecture

Microservices Design

Built on a microservices architecture with clear separation of concerns:

graph TD
    classDef external fill:transparent,stroke-dasharray: 5 5;

    subgraph Frontend
        UI["`User Interface`"]
        Auth["`Authentication`"]
    end

    RP("`Reverse Proxy`")

    subgraph Backend
        API["`API Application`"]
        MQ[["`Message Queue`"]]
        WP["`WebPush Sender`"]
    end

    subgraph Databases
        Mongo[("`Unified Content DB`")]
        PG[("`Relational DB`")]
    end

    Ext["`Client Browser Push Service`"]:::external

    UI --> RP
    Auth -- "`Validates Identity`" --> RP
    RP --> API

    API --> Mongo
    API --> PG

    API -- "`Notification Request`" --> MQ
    MQ --> WP
    WP -- "`Fetch User WebPush Subscription`" --> PG
    WP --> Ext

Plugin-Based Architecture

Extensible plugin system allowing event-specific customization without modifying core platform:

• Modular Features: QR check-ins, live polls, networking features, schedule management
• Event Templates: Reusable configurations for different event types (conferences, networking, workshops)
• Custom Integrations: Third-party service connections (analytics, email, payment)
• Hot-Swappable Plugins: Enable/disable features without redeployment
• Isolated Plugin Environment: Plugins run independently, preventing conflicts

This architecture allows one platform to power diverse events with tailored feature sets - TEDx talks need schedule management and live Q&A, while networking events need attendee matching and connection features.

Containerization

Full Docker-based deployment with service orchestration:

• All services containerized for consistency and portability
• Service discovery and internal networking
• Isolated service environments
• Resource allocation and limits
• Health checks and auto-restart policies

Key Features

Fully Personalized Event Pages, Theming & Menu

Event organizers can give each deployment its own look and structure without touching code. Pages are composed of building blocks (Title, Text, Image, etc.) that organizers add, reorder, and configure—no code changes required.

• Custom pages – Build pages from components (Title, Text, Image, Carousel, Schedule, Activities, Speaker, Sponsors, Location, Video). Static content for info and sponsors, or dynamic templates that automatically fill with event data (e.g., activity details, speaker profiles).
• Color theming – Full control over the event app palette: primary, secondary, accent, and semantic colors so each event has its own brand identity.
• Customizable menu – Organizers define the navigation: which pages appear, labels, icons, and order. Different events get different menus suited to their structure.

Event Management

• Multi-event support with isolated configurations
• Event scheduling and timeline management
• Attendee registration and capacity management
• Real-time event updates and announcements
• Analytics dashboard with attendance metrics
• QR code ticket generation

Authentication & Authorization

• OAuth2/OIDC implementation with Keycloak
• Secure token-based authentication (JWT)
• Role-based access control (Admin, Organizer, Attendee)
• Single Sign-On (SSO) support
• Refresh token rotation for security
• Session management

Admin Interface

• Intuitive dashboard for event management
• Real-time attendee tracking and check-in status
• Event statistics and insights (registrations, attendance, engagement)
• User management and role assignment
• Plugin configuration per event
• Export tools for reports

Event App

• Mobile-responsive progressive web app
• Real-time event feed and schedule
• QR code ticket display for check-in
• Push notifications for event updates
• Attendee interaction features (polls, Q&A, networking)
• Offline support for ticket display

Technical Implementation

Backend (FastAPI)

Modern async Python framework providing high-performance API:

• RESTful API design with clear endpoints
• Automatic OpenAPI/Swagger documentation
• Pydantic models for data validation
• SQLAlchemy ORM with async support
• Alembic for database migrations
• CORS and security middleware
• Background task processing

Frontend (Next.js)

Server-side rendered React application:

• Next.js 14 with App Router
• React 18 features (Server Components)
• TypeScript for type safety
• Tailwind CSS for styling
• Responsive design for all devices
• Progressive Web App (PWA) capabilities
• Optimistic UI updates

WebPush Integration

Real-time notifications using Web Push API:

• Service Worker implementation for background notifications
• Push subscription management per user
• Browser notification permission handling
• Customizable notification content (title, body, icon, actions)
• Delivery status tracking
• Silent push for data sync

Security Features

OAuth2/OIDC Implementation

• Industry-standard authentication protocol
• PKCE (Proof Key for Code Exchange) for enhanced security
• Token expiration and rotation
• Protected API endpoints with JWT validation
• Scope-based authorization

Data Protection

• Bcrypt password hashing
• HTTPS/TLS in production
• CORS configuration for API access
• SQL injection prevention through ORM
• XSS protection in frontend
• Rate limiting on API endpoints
• Input validation with Pydantic

Keycloak Integration

• Centralized identity and access management
• User federation support
• Social login integration capability
• Multi-factor authentication ready
• Custom authentication flows
• Brute force detection

Technical Highlights

API Design

• RESTful architecture following OpenAPI 3.0 spec
• Automatic interactive documentation (Swagger UI)
• Versioned API endpoints (/api/v1/)
• Consistent error responses
• Request/response schemas with validation

Database Schema

• Normalized relational design
• Entity relationships (Events, Users, Registrations, Plugins)
• Migration system for schema evolution
• Indexing for query performance
• Transaction management for data consistency

Deployment Architecture

• Docker Compose orchestration for services
• Nginx reverse proxy for routing
• Service health monitoring
• Automated backups
• Log aggregation
• Environment-based configuration

Performance

• API Response: Sub-200ms average
• Concurrent Users: 300+ supported simultaneously
• Uptime: 99.9% during production events
• Database Queries: Optimized with eager loading and caching
• Frontend: Server-side rendering for fast initial load

Results

Successfully delivered a production-grade platform that:

• Powers multiple university events annually
• Handles 300+ attendees per event without issues
• Provides secure, reliable authentication
• Enables rapid event setup through templates
• Receives positive feedback from organizers and attendees
• Continues to evolve based on real-world usage

Built for the Project of Informatics course at University of Aveiro, demonstrating full-stack development, microservices architecture, modern authentication, and production deployment practices.