Skip to main content

Documentation Index

Fetch the complete documentation index at: https://grantmaster.dev/llms.txt

Use this file to discover all available pages before exploring further.

Portal System

StatusUpdatedCovered Files
🟢 Stable2026-02-22portal/, portal/src/App.tsx, portal/src/pages/, functions/src/api/middleware/authenticate.ts, src/features/grantors/

Overview

The Portal System provides external stakeholders — grantors, partners, and beneficiaries — with secure, read-only access to project data without requiring full platform accounts. It consists of a standalone Vite application and a token-based authentication mechanism.

Architecture

┌──────────────────────────────────┐     ┌──────────────────────────────────┐
│  Main App (src/)                 │     │  Portal App (portal/)            │
│  Internal users, full features   │     │  External stakeholders           │
│  Firebase Auth (JWT)             │     │  Token-based access              │
├──────────────────────────────────┤     ├──────────────────────────────────┤
│                                  │     │  /:tokenId → PortalLanding       │
│  Grant/Project management        │     │  /:tokenId/dashboard             │
│  Generate portal tokens          │     │      → ProjectDashboard          │
│                                  │     │  / → Error (no token)            │
└─────────────┬────────────────────┘     └──────────────┬───────────────────┘
              │                                         │
              │  Token creation via                     │  Token validation via
              │  portalTokenService                     │  authenticate middleware
              │                                         │
              └──────────────┬──────────────────────────┘

                    ┌────────▼────────┐
                    │  Firestore      │
                    │  portalTokens   │
                    │  collection     │
                    └─────────────────┘

Portal Types

Stakeholder Portal

For grantors, donors, and partners who need to view project progress:
FeatureDescription
Project DashboardKPIs, milestones, budget utilization
Document ViewerShared reports, deliverables, compliance docs
Progress TimelineVisual project progress tracking

Grantor Portal

For funders reviewing grant performance and compliance:
FeatureDescription
Grant OverviewAward details, status, disbursement tracking
Report AccessSubmitted narrative and financial reports
Compliance StatusReal-time compliance indicator
Milestone TrackingDeliverable completion status

Token-Based Access

Token Creation

Internal users generate portal tokens from the main app: 
interface PortalToken {
  id: string;
  organizationId: string;
  projectId?: string;
  grantId?: string;
  tokenType: 'stakeholder' | 'grantor';
  permissions: Permission[];          // Limited: VIEW_PROJECTS, VIEW_REPORTS
  createdBy: string;
  createdAt: string;
  expiresAt?: string;
  isActive: boolean;
  accessCount: number;
  lastAccessedAt?: string;
}

Token Authentication

File: functions/src/api/middleware/authenticate.ts Portal tokens are validated via the authenticate middleware’s third path:
  1. Token ID extracted from URL parameter (?token={id}) or portal_ prefix in Authorization header
  2. Direct lookup in portalTokens Firestore collection
  3. Validates token is active and not expired
  4. Resolves to AuthContext with limited permissions:
    • VIEW_PROJECTS — Read project data
    • VIEW_REPORTS — Read submitted reports

Security Constraints

  • Read-only: Portal tokens grant no write permissions
  • Scoped: Tokens can be scoped to specific projects or grants
  • Expirable: Optional expiresAt for time-limited access
  • Revocable: Internal users can deactivate tokens at any time
  • Tracked: Access count and last access timestamp are recorded

Portal Application

Standalone Build

The portal is a separate Vite application in portal/ with its own:
  • package.json and dependencies
  • Vite configuration
  • Build output
  • Deployment target

Route Structure

File: portal/src/App.tsx
RouteComponentDescription
/:tokenIdPortalLandingToken validation + portal overview
/:tokenId/dashboardProjectDashboardFull project/grant dashboard
/Error pageNo token provided
*RedirectCatch-all redirect

Data Access

Portal pages fetch data through the same API gateway (/api/v1/*) using portal token authentication. The tenantIsolation middleware ensures data is scoped to the token’s organization.

Grantor Features

File: src/features/grantors/ The grantors feature manages funder profiles and relationships from the internal perspective:
ComponentDescription
Grantor profilesFunder details, requirements, preferences
Relationship trackingInteraction history, stewardship activities
Portal managementToken creation, access monitoring
Compliance mappingFunder-specific compliance requirements

Key Files Reference

FilePurpose
portal/src/App.tsxPortal route configuration
portal/src/pages/PortalLanding.tsxToken validation and landing page
portal/src/pages/ProjectDashboard.tsxProject/grant dashboard for external view
portal/vite.config.tsPortal build configuration
functions/src/api/middleware/authenticate.tsPortal token authentication path
src/features/grantors/Internal grantor management feature
src/core/firestoreCollections.tsportalTokens collection reference