Enterprise Rewards & Inventory Management Platform for Amazon EU Logistics
How the components connect, from browser to storage
How data moves from site upload to employee dashboard
Swag-Zuteilung files (Attendance, Birthday, Dragonfly) with employee_id and swag_amount columns. CSV only, strict validation.
CSV Validator checks exact columns, data types, empty cells, duplicates, and scans for injection attacks before upload.
JWT token sent with request. Lambda extracts user identity from token, validates site ownership, checks for duplicates via MD5 hash.
Lambda loads schema from S3 config, re-validates CSV, sanitizes all values, scans for security threats. Rejects invalid data.
Data saved to: {Division}/data-upload/{type}/{site}/{date}/{user}/{file}.csv with upload manifest containing full audit trail.
DynamoDB serves real-time balance, transaction history, and product catalog. Points calculated from earned minus spent. (Planned)
Midway SSO via Amazon Federate SAML + Cognito PKCE
3D landing page appears. Body hidden (opacity: 0) until authenticated. User clicks "Sign In with Midway".
App generates code_verifier + code_challenge. Redirects to Cognito Hosted UI with SAML identity provider.
Cognito redirects to Amazon Federate SAML endpoint. Federate authenticates via Midway (badge or PIN).
SAML assertion returns to Cognito. Cognito exchanges authorization code for JWT tokens (ID + Access + Refresh).
JWT stored in sessionStorage. User claims extracted (alias, email, department, job level). App becomes visible.
Token auto-refresh before expiry. 15-minute idle timeout with warning. Logout clears all tokens and redirects to landing.
Organized by division, category, site, and date
Built on AWS serverless: scales automatically
Static hosting, auto-deploy
OAuth2 PKCE, JWT tokens
SAML SSO, Midway auth
REST API, CORS, routing
Python 3.12, serverless
Data lake, structured storage
Fast queries, auto-scale (planned)
Analytics dashboards
Defense in depth: every layer validates
Midway SSO via Federate SAML. PKCE flow prevents token interception. JWT signed by Cognito.
JWT claims verified on backend. User identity from token only, never from frontend input.
Strict schema: exact columns, data types, ranges. Rejects extra columns, empty cells, duplicates.
Trim whitespace, strip HTML/scripts, remove non-printable chars. Max cell length enforced.
Blocks formula injection (=, +, -), script tags, JS URIs, eval(), DOM manipulation attempts.
Users can only upload for their own site. Site code validated from JWT location claim and filename.
HTTPS only. CORS restricted to Amplify domain. 20-second request timeout.
Every upload creates a manifest with user, timestamp, file hash, row count. Duplicate detection via MD5.
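The CSV checks and upload manifest described in the data-flow and security sections above (exact columns, empty cells, duplicates, formula and script injection, MD5 for duplicate detection), as an added Python example that is not the platform's own code. The employee_id and swag_amount patterns, the threat regex and the error messages are assumptions.

```python
import csv
import hashlib
import io
import re
from datetime import datetime, timezone
# Constructed schema for the Swag-Zuteilung upload: exact column order plus a
# pattern per column (the patterns also cap cell length).
SCHEMA = {"employee_id": re.compile(r"[A-Za-z0-9_-]{1,32}"),
          "swag_amount": re.compile(r"\d{1,5}")}
FORMULA_PREFIX = ("=", "+", "-")        # spreadsheet formula triggers listed on the page
THREATS = re.compile(r"<\s*script|javascript:|eval\s*\(|document\.", re.IGNORECASE)

def sanitize(value: str) -> str:
    """Trim, strip HTML tags and drop non-printable characters."""
    value = re.sub(r"<[^>]*>", "", value.strip())
    return "".join(ch for ch in value if ch.isprintable())

def validate_csv(text: str) -> tuple[list[dict], list[str]]:
    """Return (clean rows, errors); any error rejects the whole file."""
    errors: list[str] = []
    reader = csv.DictReader(io.StringIO(text))
    if reader.fieldnames != list(SCHEMA):
        return [], [f"header must be exactly {list(SCHEMA)}, got {reader.fieldnames}"]
    rows, seen_ids = [], set()
    for line_no, row in enumerate(reader, start=2):    # line 1 is the header
        if None in row or None in row.values():         # extra or missing cells
            errors.append(f"line {line_no}: wrong number of columns")
            continue
        clean = {}
        for col, raw in row.items():
            if THREATS.search(raw):                     # check raw text before sanitizing hides it
                errors.append(f"line {line_no}: script/JS content in {col}")
            value = sanitize(raw)
            if not value:
                errors.append(f"line {line_no}: empty {col}")
            elif value.startswith(FORMULA_PREFIX):      # also rejects negative amounts
                errors.append(f"line {line_no}: formula injection in {col}")
            elif not SCHEMA[col].fullmatch(value):
                errors.append(f"line {line_no}: invalid {col} value")
            clean[col] = value
        if clean["employee_id"] in seen_ids:
            errors.append(f"line {line_no}: duplicate employee_id {clean['employee_id']}")
        seen_ids.add(clean["employee_id"])
        rows.append(clean)
    return ([], errors) if errors else (rows, [])

def upload_manifest(text: str, user: str, rows: list[dict]) -> dict:
    """Audit record stored with the file; the MD5 is what duplicate detection compares."""
    return {"user": user, "timestamp": datetime.now(timezone.utc).isoformat(),
            "file_md5": hashlib.md5(text.encode("utf-8")).hexdigest(), "row_count": len(rows)}
```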