A comprehensive full-stack management platform for the Penn State Cybersecurity Club (MRM360), built to streamline member onboarding, event management, team coordination, and community engagement.
MRM360 is a modern club management system designed specifically for cybersecurity organizations. It provides a complete solution for managing members, teams, events, attendance tracking, and integrations with external services like Discord and newsletter platforms.
- OIDC Authentication: Secure login via Authentik integration
- User Profiles: Comprehensive member profiles with interests, class rank, and preferences
- Role-Based Access Control: Admin, Executive Board, and Member roles with granular permissions
- QR Code Generation: Unique QR codes for each member for event check-in
- Interest Tracking: Members can select interests (Offense/CPTC, Defense/CCDC, CTF, Gaming) for team assignment
- Event Creation & Management: Full CRUD operations for events
- RSVP System: Members can RSVP to events with confirmation/decline options
- Attendance Tracking: QR code-based check-in system for events
- Waitlist Support: Automatic waitlist management for capacity-limited events
- Event Categories: Support for workshops, competitions, social events, and more
- Team Organization: Manage competition teams (CPTC, CCDC) and interest-based teams
- Team Membership: Track members across multiple teams
- Team Provisioning: Automated provisioning across Nextcloud, Wiki.js, and Discord
- Subteam Support: Hierarchical team structures with parent-child relationships
- Discord Bot: Automatic role assignment and channel access based on interests and teams
- ListMonk Newsletter: Newsletter subscription management
- Authentik: OIDC authentication and group synchronization
- Nextcloud: File sharing and collaboration
- Wiki.js: Documentation and knowledge base
- Admin Dashboard: Comprehensive overview of members, events, and teams
- Task Management: Background job monitoring and management
- User Dashboard: Personalized view for members
- BullMQ Integration: Asynchronous job processing with Redis
- Team Provisioning: Automated setup across multiple services
- Discord Role Management: Automatic role assignment and updates
- Newsletter Sync: ListMonk subscription synchronization
- QR Code Generation: Background generation of member QR codes
- Framework: Vue 3 with TypeScript
- Build Tool: Vite
- UI Framework: Tailwind CSS
- State Management: Pinia
- Routing: Vue Router
- Form Validation: Vee-Validate with Yup
- QR Code: qrcode-vue3
- HTTP Client: Axios
- Notifications: Vue Toastification
- Framework: Next.js 14 with TypeScript
- Database: PostgreSQL with Prisma ORM
- Authentication: Authentik OIDC
- Authorization: CASL (permissions)
- Background Jobs: BullMQ with Redis
- API Documentation: Swagger/OpenAPI 3
- Validation: Zod schemas
- Discord Integration: discord.js
.
├── frontend/ # Vue 3 frontend application
│ ├── src/
│ │ ├── pages/ # Page components
│ │ ├── components/ # Reusable components
│ │ ├── stores/ # Pinia stores
│ │ ├── router/ # Vue Router configuration
│ │ ├── services/ # API services
│ │ └── types/ # TypeScript types
│ └── package.json
│
└── backend/ # Next.js backend API
├── src/
│ ├── pages/api/ # API routes
│ ├── managers/ # Business logic layer
│ ├── middleware/ # Request middleware
│ ├── permissions/ # CASL abilities
│ ├── tasks/ # Background job processors
│ └── utils/ # Utility functions
├── prisma/ # Database schema
└── package.json
- Node.js 18+ and npm
- PostgreSQL 13+
- Redis 6+
- Authentik instance (for OIDC authentication)
- Discord Bot (optional, for Discord integration)
- ListMonk (optional, for newsletter)
-
Clone the repository
git clone <repository-url> cd mrm360
-
Install backend dependencies
cd backend npm install -
Install frontend dependencies
cd ../frontend npm install -
Set up environment variables
Backend (
backend/.env.local):DATABASE_URL="postgresql://user:password@localhost:5432/mrm360" REDIS_URL="redis://localhost:6379" NEXTAUTH_SECRET="your-secret-key" AUTHENTIK_CLIENT_ID="your-client-id" AUTHENTIK_CLIENT_SECRET="your-client-secret" AUTHENTIK_ISSUER="https://auth.psuccso.org" DISCORD_BOT_TOKEN="your-discord-bot-token" DISCORD_GUILD_ID="your-guild-id" LISTMONK_API_URL="http://localhost:9000" LISTMONK_API_KEY="your-listmonk-api-key"
Frontend (
frontend/.env.local):VITE_API_BASE_URL=http://localhost:3000/api VITE_AUTHENTIK_BASE_URL=https://auth.psuccso.org VITE_AUTHENTIK_CLIENT_ID=your-client-id VITE_AUTHENTIK_REDIRECT_URI=http://localhost:3010/auth/callback VITE_DISCORD_CLIENT_ID=your-discord-oauth2-client-id VITE_DISCORD_REDIRECT_URI=http://localhost:3010/join/dd-verify
-
Set up the database
cd backend npx prisma generate npx prisma db push -
Start the development servers
Backend:
cd backend npm run devFrontend:
cd frontend npm run dev -
Start background workers (optional)
cd backend npm run worker:team-provisioning npm run worker:discord
cd backend
npm run create-admin- Join the Club: Visit
/jointo create an account - Link Discord: Connect your Discord account for role assignment
- Set Interests: Select your cybersecurity interests for team assignment
- RSVP to Events: Browse and RSVP to upcoming events
- Check In: Use your QR code to check in at events
- User Management: Create, edit, and manage member accounts
- Event Management: Create events, manage RSVPs, and track attendance
- Team Management: Organize teams and assign members
- Task Monitoring: Monitor background job processing
- System Configuration: Manage integrations and settings
- User initiates login via OIDC
- Redirected to Authentik for authentication
- Authentik redirects back with authorization code
- Backend exchanges code for tokens
- Session established with user identity and groups
- Admin: Full system access, user management, system configuration
- Executive Board: User and team management, event creation
- Member: Basic access to events, teams, and profile management
Permissions are enforced using CASL abilities defined in backend/src/permissions/abilities.ts.
Visit /docs when running the backend for interactive API documentation.
- Authentication:
/api/auth/* - Users:
/api/users/*,/api/user/* - Teams:
/api/teams/* - Events:
/api/events/* - Tasks:
/api/tasks/* - Discord:
/api/discord/* - Join/Onboarding:
/api/join/*
The system uses BullMQ for asynchronous job processing:
- Team Provisioning: Automatically provisions teams across Nextcloud, Wiki.js, and Discord
- Discord Role Management: Assigns and updates Discord roles based on user interests
- Newsletter Sync: Synchronizes newsletter subscriptions with ListMonk
- QR Code Generation: Generates QR codes for member check-in
Start workers with:
npm run worker:team-provisioning
npm run worker:discord# Backend
cd backend
npm run lint
npm run type-check
# Frontend
cd frontend
npm run lint
npm run type-checkcd backend
npx prisma migrate dev
npx prisma generate# Backend tests
cd backend
npm run test
# Frontend tests
cd frontend
npm run testBackend:
cd backend
npm run build
npm startFrontend:
cd frontend
npm run build
# Serve the dist/ directory with your web server- Set
NODE_ENV=production - Use production database and Redis instances
- Configure proper CORS settings
- Set secure session secrets
- Enable HTTPS
- Configure reverse proxy (nginx, etc.)
- Follow TypeScript best practices
- Maintain separation of concerns (managers for business logic)
- Add comprehensive error handling
- Update API documentation (Swagger)
- Include proper logging
- Write tests for new features
- Follow the existing code style
This project is proprietary to MRM360 / Penn State Cybersecurity Club.
For technical support or questions:
- Create an issue in the repository
- Contact the development team
- Check the API documentation at
/docs - Review the backend README at
backend/README.md
Built for the Penn State Cybersecurity Club (MRM360) to streamline club operations and enhance member engagement.