Section 7 of 8 · System Architecture
Section 07

System Architecture

IndahFarm runs on a modern edge stack — TanStack Start on Cloudflare Workers for SSR, Supabase (PostgreSQL + Auth + Storage + Realtime) as the data plane, and Lovable AI for premium intelligence features (admin/government gated).

System Architecture
Client / Devices
Web (TanStack Start)PWAMobile browsersGovernment TV / projector
Edge / SSR
Cloudflare WorkersServer functionsAPI routes (/api/public/*)
Auth & Roles
Supabase Authuser_roles tablehas_role() RLS function
Data & Storage
PostgreSQL (RLS)Storage bucketsRealtime channelspg_cron
Intelligence (Premium gated)
Lovable AIOutbreak detectionSmart matchingPerformance scores
External
Government APIs (DVS / UPEN)Payment gatewayWhatsApp / SMS

Authentication flow

loginJWTbeareras userUserBrowser clientSupabase AuthSessionServer fn + RLSDB query

Role permission hierarchy

AdminGov OfficerVetFarmerBuyerRider

Admin sees and controls everything. Government officers oversee verification, analytics, and outbreaks. Vets handle clinical data. Farmers own their farm data. Buyers and riders interact only with their orders and deliveries.

API communication

  • createServerFn — type-safe RPC for client → server (auth-protected with requireSupabaseAuth).
  • /api/public/* — webhooks, cron endpoints, public read-only APIs (signature-verified).
  • Realtime — Supabase channels broadcast live updates for orders, deliveries, and outbreaks.
  • Edge Functions — premium AI handlers (symptom triage, farm coach) gated to admin/gov roles only to protect credits.
Rider ManagementDatabase ERD