Hebrew (RTL), mobile-first web app for urban planning transparency in Israel. Users view a map of their neighborhood, see official municipal planning data (construction permits, road work, city plans from Tel Aviv GIS, iplan, and mavat), and crowdsource community reports (noise, blockages, etc.).
Features: address comparison, favorites, reviews, voting, push notifications (web + Android + iOS via FCM), GPS proximity alerts, neighborhood comparison with K-Means clustering, national MAVAT plan-lifecycle events, forgot-password flow, and a gamification system (XP / streaks).
| Feature | Description |
|---|---|
| Map layers | Official municipal data from Tel Aviv GIS, iplan, and MAVAT (national coverage) |
| Community reports | Crowdsource noise, blockages, and local events with voting |
| Neighborhood comparison | K-Means clustering analysis comparing neighborhoods by permit/plan activity |
| GPS proximity alerts | Subscribe to a location and receive a push when nearby events are created |
| Address comparison | Side-by-side plan and permit data for two addresses |
| Favorites & reviews | Save locations, leave reviews, earn XP / streaks |
| Push notifications | Web (Service Worker + VAPID), Android, and iOS via FCM |
| Auth | Email/password (with forgot-password flow), Google OAuth, JWT rotation |
| Onboarding | User role and reason captured at registration, automatic login on return |
| Event sharing | Deep-link share cards for events |
- Frontend: hosted on Azure App Service (Israel Central)
- Backend API:
https://app-groundshare-api.azurewebsites.net - Database: Azure SQL Database (
sql-groundshare-il.database.windows.net)
| Layer | Stack |
|---|---|
| Frontend | React 19, TypeScript 6, Vite 6, Tailwind CSS 4, React Router 7, @vis.gl/react-google-maps, vite-plugin-pwa |
| UI components | MUI 9 (Material UI + icons), Radix UI primitives, shadcn/ui, Motion 12, Recharts |
| Mobile shell | Capacitor 8 (iOS + Android) wrapping the Vite build, @capacitor/push-notifications, Google Services (iOS + Android) |
| Backend | ASP.NET Core 8 Web API (C#), pure ADO.NET (no EF Core), FluentValidation, Serilog |
| Database | Microsoft SQL Server with stored procedures |
| Cloud | Azure App Service, Azure SQL, Azure Blob Storage, Azure Key Vault, Application Insights |
| Auth | JWT (access 15min / refresh 14d with rotation), Google OAuth, BCrypt |
| Notifications | Firebase Cloud Messaging (web + Android + iOS), FirebaseAdmin SDK on backend |
| Testing | Vitest, Testing Library (React) |
.github/ CI/CD workflows
docs/ Setup, deploy, security, and AI context docs
src/
01-database/ SQL schema + stored procedures (GroundShareDB.sql)
02-server/ ASP.NET Core 8 Web API (Controllers / DAL / BL / Services)
03-client/ React + Vite frontend + Capacitor native shell
tools/ Git hooks (gitleaks pre-commit)
- docs/SETUP.md — local development environment setup
- docs/DEPLOY.md — Azure deployment guide
- docs/SECURITY.md — security architecture and policy
- docs/CLAUDE.md — AI assistant context (architecture patterns, conventions)
# Database: run src/01-database/GroundShareDB.sql in SSMS against local SQL Express
# Backend (port 5227)
cd src/02-server && dotnet run
# Frontend (port 5173)
cd src/03-client && npm install && npm run devBackend requires src/02-server/appsettings.Development.json (gitignored) with local
SQL connection string, JWT key, and Google Maps API key. See
SETUP.md for the full config template.
Frontend optionally reads src/03-client/.env.local (gitignored) for the
VITE_FIREBASE_* web push config — without it, web push is silently disabled
in dev. Native Android picks up google-services.json directly from
android/app/.
Cross-platform push via Firebase Cloud Messaging — web (Service Worker + VAPID),
Android, and iOS (Capacitor + google-services.json / GoogleService-Info.plist).
Backend sends with the FirebaseAdmin SDK using a service-account JSON pulled
from Azure Key Vault.
Two trigger paths:
- Event created at a subscribed location — all subscribers except the author receive a push with event details and a deep-link payload.
- GPS proximity — users subscribed to GPS alerts receive a push when a new event is created within their configured radius.
Four independent config flows:
| Layer | Where config lives | Why |
|---|---|---|
| Backend (Azure) | Key Vault secret Fcm--ServiceAccountJson |
Runtime read via Managed Identity |
| Web (CD) | GitHub Actions Variables VITE_FIREBASE_* |
Baked into Vite bundle at build time (Firebase web config is public) |
| Android (local) | src/03-client/android/app/google-services.json |
Compiled into APK by npx cap sync android |
| iOS (local) | src/03-client/ios/App/GoogleService-Info.plist |
Compiled into IPA by npx cap sync ios |
- All secrets live in Azure Key Vault in production (Managed Identity, no env vars)
- Pre-commit hook runs
gitleaks protect --stagedto block accidental commits - Dependabot + CI scan every PR for vulnerable dependencies
- PII redaction enricher in Serilog masks tokens, emails, and JWT claims in logs
Private project. All rights reserved.