Generated: January 31, 2026 Repository: cornell-dti/redi Analysis Scope: Full codebase review for Technical Product Manager handoff
- Executive Summary
- Critical First Steps
- Complete Access Checklist
- Environment Variables Reference
- Setup Instructions
- Architecture Overview
- Known Issues & Technical Debt
- Missing Documentation
- Recommended Handoff Document Structure
REDI is a mentorship/dating platform for Cornell University students. It's a full-stack mobile and web application that matches Cornell students weekly based on compatibility scoring, facilitates conversations through in-app messaging, and provides an admin dashboard for managing the platform.
| Component | Technology | Version |
|---|---|---|
| Mobile App | React Native + Expo | Expo 53.0, RN 0.79.6, React 19 |
| Web App/Admin | Next.js | 15.5.2 with React 19 |
| Backend API | Express.js + TypeScript | Express 5.1.0 |
| Database | Firebase Firestore | Firebase Admin 13.5.0 |
| Authentication | Firebase Auth | Passwordless email links |
| Cloud Functions | Firebase Functions | Node 22 |
| Push Notifications | Expo Push + FCM | Expo Server SDK 4.0.0 |
| Hosting | Heroku (backend), Netlify (web) | - |
| Mobile Distribution | EAS Build | iOS App Store, Google Play |
redi/
├── frontend/ # React Native/Expo mobile app (iOS + Android)
├── backend/ # Express.js REST API + Firebase Cloud Functions
├── redi-web/ # Next.js web app (landing page + admin dashboard)
├── .github/ # CI/CD workflows
└── [config files] # Procfile, netlify.toml, etc.
- 51 integration tests (100% passing)
- 22 API route files in backend
- 18 service files handling business logic
- 6 React contexts managing frontend state
- 8 rate limit categories for API protection
-
Get GitHub Access
- Repository:
cornell-dti/redi - Need collaborator/team member access
- Repository:
-
Get Firebase Console Access
- Project:
redi-1c25e - Request Owner or Editor role
- Download service account credentials
- Project:
-
Get Heroku Access NOTE: Should be under DTI account
- App:
redi-app-8ea0a6e9c3d9 - View environment variables
- Access logs and metrics
- App:
-
Set Up Local Development
- Clone repository
- Install dependencies (Node 22.x required)
- Configure environment variables
- Run backend locally
- Run frontend in Expo
-
Get App Store Access NOTE: Should be under DTI account
- Apple Developer Account (iOS distribution)
- Google Play Console (Android distribution)
- App Store Connect for iOS submissions
-
Understand the Matching Algorithm
- Read
backend/MATCHING_ALGORITHM_GUIDE.md - Review
backend/src/services/matchingAlgorithm.ts
- Read
| Access | Purpose | Priority |
|---|---|---|
| GitHub (cornell-dti/redi) | Code repository, PRs, issues | Critical |
| VS Code / IDE | Development environment | Critical |
| Node.js 22.x | Runtime environment | Critical |
| npm | Package management | Critical |
| Access | Purpose | Priority |
|---|---|---|
| Firebase Console (redi-1c25e) | Database, auth, functions | Critical |
| Service Account JSON | Backend authentication | Critical |
| Firestore Database | Data storage | Critical |
| Firebase Authentication | User management | Critical |
| Cloud Functions | Scheduled jobs | Critical |
| Firebase Storage | Image storage | High |
| Access | Purpose | Priority |
|---|---|---|
| Heroku Dashboard (redi-app) | Backend deployment | Critical |
| Heroku Redis addon | Rate limiting | High |
| Netlify (redi-web) | Web app deployment | High |
| EAS (Expo) | Mobile builds | Critical |
| Access | Purpose | Priority |
|---|---|---|
| Apple Developer Account | iOS distribution | Critical |
| App Store Connect | iOS app management | Critical |
| Google Play Console | Android distribution | Critical |
| Firebase App Distribution | Internal testing | Medium |
| Access | Purpose | Priority |
|---|---|---|
| Gmail (redicornell@gmail.com) | Transactional emails | Critical |
| Gmail App Password | Nodemailer auth | Critical |
| Access | Purpose | Priority |
|---|---|---|
| Firebase Analytics | Usage tracking | Medium |
| Expo Push Dashboard | Notification monitoring | Medium |
| Domain registrar (redi.love) | DNS management | Low |
Create /backend/.env:
# Firebase Admin SDK (REQUIRED)
FIREBASE_PROJECT_ID=redi-1c25e
FIREBASE_CLIENT_EMAIL=firebase-adminsdk-fbsvc@redi-1c25e.iam.gserviceaccount.com
FIREBASE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
# Admin Configuration (REQUIRED)
ADMIN_UID=<firebase-uid-of-admin-user>
# Email Service (REQUIRED for sign-in)
EMAIL_USER=redicornell@gmail.com
EMAIL_PASSWORD=<gmail-app-specific-password>
# Web Configuration
WEB_REDIRECT_URL=https://redi.love
# Server Configuration (OPTIONAL)
PORT=3001
NODE_ENV=development
# Redis (OPTIONAL - for distributed rate limiting)
REDIS_URL=<redis-connection-string>
# Push Notifications (OPTIONAL - for Expo push)
EXPO_ACCESS_TOKEN=<expo-access-token>Create /frontend/.env (development):
REACT_APP_API_BASE_URL=http://localhost:3001Create /frontend/.env.production:
REACT_APP_API_BASE_URL=https://redi-app-8ea0a6e9c3d9.herokuapp.comCreate /redi-web/.env:
NEXT_PUBLIC_API_BASE_URL=http://localhost:3001
NEXT_PUBLIC_ADMIN_UID=<same-as-backend-ADMIN_UID>Create /redi-web/.env.production:
NEXT_PUBLIC_API_BASE_URL=https://redi-app-8ea0a6e9c3d9.herokuapp.com
NEXT_PUBLIC_ADMIN_UID=<same-as-backend-ADMIN_UID>| Variable | Source |
|---|---|
FIREBASE_* credentials |
Firebase Console > Project Settings > Service Accounts > Generate new private key |
ADMIN_UID |
Firebase Console > Authentication > Find admin user > Copy UID |
EMAIL_PASSWORD |
Google Account > Security > App Passwords > Generate for "Mail" |
REDIS_URL |
Heroku Dashboard > redi-app > Resources > Heroku Redis > View Credentials |
EXPO_ACCESS_TOKEN |
Expo Dashboard > Account Settings > Access Tokens |
- Node.js: 22.x (use nvm:
nvm install 22 && nvm use 22) - npm: Comes with Node.js
- Git: For cloning repository
- Xcode: For iOS development (Mac only)
- Android Studio: For Android development (optional)
- Expo CLI:
npm install -g expo-cli - EAS CLI:
npm install -g eas-cli - Firebase CLI:
npm install -g firebase-tools
# Clone repository
git clone git@github.com:cornell-dti/redi.git
cd redi
# Install root dependencies
npm install
# Install backend dependencies
cd backend && npm install && cd ..
# Install frontend dependencies
cd frontend && npm install && cd ..
# Install web dependencies
cd redi-web && npm install && cd ..cd backend
# Create .env file (see Environment Variables section above)
cp .env.example .env # If exists, otherwise create manually
# Build TypeScript
npm run build
# Start development server
npm run devBackend should be running at http://localhost:3001. Test with:
curl http://localhost:3001/ping
# Should return: {"message":"pong","timestamp":"..."}cd frontend
# Create .env file
echo "REACT_APP_API_BASE_URL=http://localhost:3001" > .env
# Start Expo
npm startOptions:
- Press
ifor iOS Simulator - Press
afor Android Emulator - Scan QR code with Expo Go app on physical device
cd redi-web
# Create .env file
echo "NEXT_PUBLIC_API_BASE_URL=http://localhost:3001" > .env
# Start development server
npm run devWeb app runs at http://localhost:3000
cd frontend/ios
# Install CocoaPods dependencies
pod install
# Open in Xcode
open redi.xcworkspaceRequirements:
- Xcode 15+ (macOS only)
- iOS Simulator or physical device
- Apple Developer account for device testing
cd frontend/android
# Ensure Android SDK is configured
# Open in Android Studio or run:
./gradlew assembleDebugRequirements:
- Android Studio with SDK
- Android Emulator or physical device (USB debugging enabled)
┌─────────────────────────────────────────────────────────────────────┐
│ REDI PLATFORM │
└─────────────────────────────────────────────────────────────────────┘
┌──────────────────┐ ┌──────────────────┐ ┌──────────────────────────┐
│ MOBILE APP │ │ WEB APP │ │ BACKEND API │
│ (React Native) │ │ (Next.js) │ │ (Express.js) │
│ │ │ │ │ │
│ - iOS │ │ - Landing Page │ │ - REST Endpoints │
│ - Android │ │ - Admin Panel │ │ - Authentication │
│ - Expo │ │ - Analytics │ │ - Rate Limiting │
└────────┬─────────┘ └────────┬─────────┘ └────────────┬─────────────┘
│ │ │
│ HTTPS/REST │ │
└─────────────────────┼─────────────────────────┘
│
┌─────────────────────┴─────────────────────┐
│ │
▼ ▼
┌─────────────────────────┐ ┌─────────────────────────┐
│ FIREBASE SERVICES │ │ CLOUD FUNCTIONS │
│ │ │ │
│ - Firestore (DB) │ │ - activateWeeklyPrompt │
│ - Authentication │ │ (Mon 12:01 AM ET) │
│ - Storage (Images) │ │ │
│ │ │ - generateWeeklyMatches│
└─────────────────────────┘ │ (Fri 9:01 AM ET) │
└─────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────────────────┐
│ EXTERNAL SERVICES │
│ │
│ - Heroku (Backend Hosting) - Expo Push (Notifications) │
│ - Netlify (Web Hosting) - Gmail SMTP (Email) │
│ - Redis (Rate Limiting) - Google Sign-In (OAuth) │
└─────────────────────────────────────────────────────────────────────┘
| Collection | Purpose | Key Fields |
|---|---|---|
users |
User accounts | netid, email, firebaseUid, pushToken |
profiles |
User profiles | netid, firstName, bio, gender, pictures, clubs, interests |
preferences |
Match preferences | ageRange, genders, years, schools, majors |
weeklyPrompts |
Weekly questions | question, releaseDate, active, status |
weeklyPromptAnswers |
User answers | netid, promptId, answer |
weeklyMatches |
Generated matches | netid, promptId, matches[], revealed[] |
nudges |
Like/nudge system | fromNetid, toNetid, mutual |
conversations |
Chat threads | participantIds, messages (subcollection) |
notifications |
In-app notifications | netid, type, title, body, read |
blockedUsers |
Block relationships | blockerNetid, blockedNetid |
reports |
User reports | reporterNetid, reportedNetid, status |
admins |
Admin users | email, disabled |
adminAuditLogs |
Audit trail | action, adminUid, timestamp |
Location: backend/src/services/matchingAlgorithm.ts
Scoring Factors (0-100 points):
- School match: 20 points
- Major overlap: 15 points
- Year proximity: 15 points
- Age proximity: 15 points
- Interest overlap: 20 points
- Club overlap: 15 points
Process:
- Get all users who answered this week's prompt
- For each user, find compatible candidates (mutual preference matching)
- Score each candidate pair
- Filter out blocked users and previous matches
- Return top 3 matches per user
Schedule:
- Monday 12:01 AM ET: Activate weekly prompt
- Friday 9:01 AM ET: Generate matches for all users
1. User enters Cornell email (@cornell.edu required)
2. Backend sends passwordless sign-in link via Firebase
3. User clicks link in email
4. Link deep-links to mobile app or web
5. App exchanges link for Firebase ID token
6. Token sent as Bearer header on all API requests
7. Backend verifies token with Firebase Admin SDK
8. Admin users have additional `admin: true` custom claim
| Prefix | Purpose | Auth Required |
|---|---|---|
/api/auth |
Sign-in link generation | No (rate limited) |
/api/users |
User CRUD | Yes |
/api/profiles |
Profile management | Yes |
/api/preferences |
Match preferences | Yes |
/api/prompts |
Weekly prompts & answers | Yes |
/api/images |
Image upload | Yes |
/api/nudges |
Like/nudge system | Yes |
/api/chat |
Messaging | Yes |
/api/notifications |
In-app notifications | Yes |
/api/reports |
User reporting | Yes |
/api/admin/* |
Admin operations | Admin only |
| Issue | Location | Impact |
|---|---|---|
| Password update not implemented | frontend/app/(auth)/edit-password.tsx:47 |
Users cannot change passwords |
| Preference filters missing in matching | backend/src/routes/profiles.ts:661-666 |
Matching ignores some preferences |
Extensive as any type assertions |
Throughout frontend | Type safety compromised |
| Issue | Location | Impact |
|---|---|---|
| Deprecated dependencies | glob, inflight, rimraf |
Security/stability risk |
| In-memory rate limiting fallback | When Redis unavailable | Won't work across dynos |
| Hardcoded Firebase config | frontend/firebase.ts, redi-web/firebase.ts |
Should use env vars |
| Image cleanup on profile delete | backend/src/routes/profiles.ts:609 |
Storage bloat |
| Issue | Location | Impact |
|---|---|---|
| Deprecated type definitions | redi-web/src/types/admin.ts |
Code confusion |
Deprecated calculateAge() |
frontend/app/utils/profileUtils.ts:8 |
Should use getProfileAge() |
| Debug logging in production | redi-web/src/api/api.ts:29 |
Information leak |
| ImageManipulator API may be deprecated | PhotoUploadGrid.tsx:164 |
Future breakage |
frontend/app/(auth)/edit-password.tsx:47- Implement password update logicbackend/src/routes/profiles.ts:609- Delete associated images from storagebackend/src/routes/profiles.ts:661-666- Apply preference-based filteringfrontend/README_NAVIGATION.md:51-72- Backend integration, enhanced features
frontend/app/api/__tests__/apiClient.test.ts:290- "should throw error when user not authenticated"
| Document | Purpose | Priority |
|---|---|---|
.env.example files |
Template for environment setup | Critical |
DEPLOYMENT.md |
Step-by-step deployment guide | Critical |
CONTRIBUTING.md |
Contribution guidelines | High |
ARCHITECTURE.md |
System design overview | High |
DATABASE_SCHEMA.md |
Detailed Firestore schema | High |
SECURITY.md |
Security practices | Medium |
TROUBLESHOOTING.md |
Common issues and fixes | Medium |
| Document | Location | Quality |
|---|---|---|
| API Documentation | /API_DOCUMENTATION.md |
Excellent |
| Matching Algorithm Guide | /backend/MATCHING_ALGORITHM_GUIDE.md |
Excellent |
| Testing Guide | /backend/TESTING_GUIDE.md |
Excellent |
| Rate Limiting Guide | /backend/RATE_LIMITING_GUIDE.md |
Very Good |
| Testing README | /backend/TESTING_README.md |
Very Good |
| Cloud Functions Testing | /TESTING_CLOUD_FUNCTIONS.md |
Good |
| Main README | /README.md |
Good |
# REDI Platform - TPM Handoff Document
## Part 1: Getting Started (Week 1)
1.1 Access Checklist (with confirmation checkboxes)
1.2 Local Development Setup
1.3 Understanding the Codebase
1.4 Key Contacts and Resources
## Part 2: Platform Overview
2.1 What is REDI?
2.2 User Journey (with screenshots)
2.3 Admin Dashboard Overview
2.4 Weekly Matching Cycle
## Part 3: Technical Architecture
3.1 System Architecture Diagram
3.2 Technology Stack Details
3.3 Database Schema
3.4 API Reference
3.5 Authentication Flow
3.6 Matching Algorithm Explanation
## Part 4: Development Workflow
4.1 Git Branching Strategy
4.2 Pull Request Process
4.3 Code Review Guidelines
4.4 Testing Requirements
4.5 CI/CD Pipeline
## Part 5: Deployment Guide
5.1 Backend Deployment (Heroku)
5.2 Web App Deployment (Netlify)
5.3 Mobile App Builds (EAS)
5.4 App Store Submissions
5.5 Cloud Functions Deployment
5.6 Rollback Procedures
## Part 6: Operations
6.1 Monitoring and Alerts
6.2 Common Issues and Troubleshooting
6.3 Weekly Maintenance Tasks
6.4 User Support Procedures
6.5 Admin Operations
## Part 7: Known Issues & Roadmap
7.1 Current Technical Debt
7.2 Planned Features
7.3 Performance Considerations
7.4 Security Considerations
## Appendices
A. Environment Variables Reference
B. Firebase Collections Reference
C. API Endpoints Reference
D. Emergency Contacts
E. Glossary of Terms| File | Purpose |
|---|---|
/Procfile |
Heroku web process |
/netlify.toml |
Netlify deployment config |
/frontend/app.config.js |
Expo app configuration |
/frontend/eas.json |
EAS build profiles |
/backend/firebase.json |
Firebase project config |
/backend/firestore.rules |
Database security rules |
/backend/firestore.indexes.json |
Database indexes |
| File | Purpose |
|---|---|
/backend/src/services/matchingAlgorithm.ts |
Matching algorithm |
/backend/src/services/matchingService.ts |
Match generation service |
/backend/src/services/pushNotificationService.ts |
Push notifications |
/backend/src/services/emailService.ts |
Email sending |
/backend/src/middleware/auth.ts |
Authentication |
/backend/src/middleware/rateLimiting.ts |
Rate limiting |
| File | Purpose |
|---|---|
/frontend/app/_layout.tsx |
Root layout with providers |
/frontend/app/index.tsx |
Welcome/login screen |
/frontend/app/(auth)/(tabs)/_layout.tsx |
Main tab navigation |
/frontend/firebase.ts |
Firebase initialization |
| File | Purpose |
|---|---|
/backend/functions/src/index.ts |
Function definitions |
/backend/functions/src/services/ |
Shared services (copied from backend) |
# Start all services
cd backend && npm run dev # Backend on :3001
cd frontend && npm start # Expo dev server
cd redi-web && npm run dev # Web on :3000
# Run tests
cd backend && npm run test:integration # Integration tests
cd backend && npm test # Unit tests
cd frontend && npm test # Frontend tests
# Linting and formatting
npm run format # Format entire repo
npm run lint # Lint entire repo# Backend (Heroku)
git push heroku main
# Web (Netlify)
# Auto-deploys from main branch
# Mobile (EAS)
cd frontend
eas build --platform ios --profile production
eas build --platform android --profile production
eas submit --platform ios
eas submit --platform android
# Cloud Functions
cd backend/functions
npm run build
npm run deploy# Deploy Firestore rules
firebase deploy --only firestore:rules
# Deploy indexes
firebase deploy --only firestore:indexes
# View function logs
firebase functions:logThis analysis was generated by examining the complete REDI codebase. For questions or clarifications, consult the existing documentation in the repository or reach out to the development team.