A full-stack cloud-powered inventory management system built for landscaping businesses. Features real-time data synchronization, role-based access control, image uploads, and interactive analytics dashboards.
URL: https://niroula-inventory-860558940486.us-central1.run.app/
- Firebase Authentication with email/password
- Role-based access control (Admin, Editor, Viewer)
- Secure session management with HTTP-only cookies
- Automatic session restoration
- CRUD operations for inventory items
- Real-time quantity adjustments (+/-)
- Category-based organization (7 categories)
- Search and filter functionality
- Image upload support via Cloudinary CDN
- Total inventory value calculation
- Category-wise breakdown (pie & bar charts)
- Real-time statistics
- Visual data representation using Chart.js
- Responsive design for all devices
- Dark-themed professional interface
- Intuitive navigation and controls
- Image preview on upload
Frontend:
- HTML5, CSS3, JavaScript (ES6+)
- Firebase JavaScript SDK 8.10.0
- Chart.js for data visualization
Backend:
- Python 3.11
- Flask 3.0.0 (Web Framework)
- Firebase Admin SDK (Authentication & Realtime Database)
- Gunicorn (Production WSGI Server)
Cloud Services:
- Google Cloud Run - Serverless container hosting
- Firebase Realtime Database - NoSQL data storage
- Firebase Authentication - User management
- Cloudinary - Image CDN and processing
DevOps:
- Docker containerization
- Google Cloud Build
- Environment-based configuration
niroula-landscaping/
βββ app.py # Main Flask application
βββ requirements.txt # Python dependencies
βββ Dockerfile # Container configuration
βββ .env.yaml # Environment variables (not in repo)
βββ cosc-4607-firebase-adminsdk.json # Firebase credentials (not in repo)
β
βββ templates/
β βββ index.html # Main inventory page
β βββ dashboard.html # Analytics dashboard
β
βββ static/
β βββ styles.css # Main stylesheet
β βββ dashboard.css # Dashboard styles
β
βββ utils/
βββ seed_inventory.py # Database seeding script
βββ set_role.py # User role management
- Python 3.11+
- Google Cloud account with billing enabled
- Firebase project
- Cloudinary account
-
Clone the repository
git clone https://github.com/yourusername/niroula-landscaping.git cd niroula-landscaping -
Create virtual environment
python -m venv venv source venv/bin/activate # On Windows: venv\Scripts\activate
-
Install dependencies
pip install -r requirements.txt
-
Set up environment variables
Create a
.envfile:FLASK_SECRET_KEY=your-secret-key-here CLOUDINARY_CLOUD_NAME=your-cloud-name CLOUDINARY_API_KEY=your-api-key CLOUDINARY_API_SECRET=your-api-secret
-
Add Firebase credentials
Download your Firebase Admin SDK JSON file and save as:
cosc-4607-firebase-adminsdk.json -
Run the application
python app.py
Visit
http://localhost:8080
-
Install Google Cloud SDK
# Visit: https://cloud.google.com/sdk/docs/install gcloud auth login gcloud config set project YOUR_PROJECT_ID
-
Create
.env.yamlfor productionFLASK_SECRET_KEY: "your-production-secret-key" CLOUDINARY_CLOUD_NAME: "your-cloud-name" CLOUDINARY_API_KEY: "your-api-key" CLOUDINARY_API_SECRET: "your-api-secret"
-
Deploy to Cloud Run
gcloud run deploy niroula-inventory \ --source . \ --region us-central1 \ --allow-unauthenticated \ --env-vars-file .env.yaml \ --clear-base-image -
Configure Firebase
- Add your Cloud Run URL to Firebase authorized domains
- Go to Firebase Console β Authentication β Settings β Authorized domains
- Session Security: HTTP-only, secure cookies with SameSite protection
- CSRF Protection: Built-in Flask session management
- Role-Based Access: Three-tier permission system
- Input Validation: Server-side data sanitization
- HTTPS Enforcement: Automatic SSL via Cloud Run
- Environment Isolation: Secrets stored in environment variables
| Role | View Items | Add Items | Update Quantity | Delete Items |
|---|---|---|---|---|
| Admin | β | β | β | β |
| Editor | β | β | β | β |
| Viewer | β | β | β | β |
{
"inventory": {
"item_id_1": {
"name": "Maple Tree",
"quantity": 10,
"price": 120.00,
"category": "Plants & Trees",
"imageURL": "https://res.cloudinary.com/...",
"ownerUID": "user_id"
}
}
}{
"users": {
"user_id": {
"role": "admin"
}
}
}| Method | Endpoint | Description | Auth Required | Roles |
|---|---|---|---|---|
| GET | / |
Landing page | No | All |
| GET | /dashboard |
Analytics dashboard | Yes | All |
| GET | /items |
Get all items | Yes | All |
| POST | /add |
Add new item | Yes | Admin, Editor |
| POST | /update_quantity/:id |
Update item quantity | Yes | Admin, Editor |
| DELETE | /delete/:id |
Delete item | Yes | Admin |
| POST | /auth/session |
Create user session | No | All |
| POST | /logout |
End user session | No | All |
| Variable | Description | Required |
|---|---|---|
FLASK_SECRET_KEY |
Flask session encryption key | Yes |
CLOUDINARY_CLOUD_NAME |
Cloudinary account name | Yes |
CLOUDINARY_API_KEY |
Cloudinary API key | Yes |
CLOUDINARY_API_SECRET |
Cloudinary API secret | Yes |
PORT |
Application port (default: 8080) | No |
- Response Time: < 200ms average
- Uptime: 99.9% (Cloud Run SLA)
- Scalability: Auto-scaling 0-10 instances
- CDN: Global image delivery via Cloudinary
To test the application locally:
# Seed the database with sample data
python seed_inventory.py
# Set user roles
python set_role.pyThis project was created as part of COSC 4607 - Security and Protection coursework at Nipissing University.
Achyut Niroula
- Course: COSC 4607 - Security and Protection
- Institution: Nipissing University
- Semester: Fall 2025
- Firebase for authentication and real-time database
- Cloudinary for image CDN services
- Google Cloud Platform for serverless hosting
- Chart.js for data visualization
- Session persistence requires cookies enabled
- Image uploads limited to 10MB per file
- Real-time updates require manual refresh
- Real-time WebSocket updates
- Export data to CSV/PDF
- Mobile app (React Native)
- Barcode scanning
- Email notifications for low stock
- Multi-language support
- Dark/Light theme toggle