Holoholona by AstrUHoids

Inspiration

AstrUHoids developed Holoholona as a solution to the Hawai'i Department of Agriculture's (H.D.O.A) current issue of knowing who is waiting outside of their office to pick up their pets. Due to covid-19, there is currently only allowed up to two individuals allowed inside the room at once. This makes it hard and frustrating for those who just got off a long flight and are waiting in the hot sun to check-in to let the staff know that they are waiting for their pet.

What it does

Holoholona is a check-in application for the H.D.O.A where pet owners can check in without needing an account. After owners check-in with our application, they will receive an automated email confirmation letting them know the check-in was successful. If they are still unsure, there is a public view of check-in IDs that can help put their mind at ease knowing that they have been noticed. On this same page, the admin can send an automated email letting the owner know their pet is ready to be picked up. Once everything has gone through, the check-in can be deleted, as this application is meant to be used to check-in and not a place to store data long-term. Lastly, we have a simple chatbot where pet owners can ask general questions about the use of our application.

Test out our app

Since there is no user login is required for checking-in, you can test out the pet owner's side of the app by going to our deployed site. For testing administrative side of the application, the following credentials can be used:

Email: admin@holoholona.com
Password: changeme

Challenges we ran into

The main challenge was finding the best 'no-budget' solution. H.D.O.A stated that they do not have much funds to go around so we were trying to keep that in mind when looking into APIs and services. We originally thought of Twilio to send SMS to the owner once their pet is ready, but that cost money. The next solution was to use a web push, but iPhones currently lack the permissions to receive them. We settled on doing an email notification as anyone with an email can receive it.

Accomplishments that we're proud of

AstrUHoids believes that Holoholona provides an intuitive user experience (UX) for both the pet owner and staff at H.D.O.A. On the user end, we provide a simple check-in form that ask for basic contact information. That's it. No sign-up required, just a way for the pet owners to let them know they are there waiting for their pet. On the administrative side, they are able easily send an automated email notifying the owner their pet is ready to be picked up or delete the check-in ID.

Security and Privacy

Our app includes a form that anyone can fill out and submit and one of the submitted fields is publicly available to see. This does create a concern for XSS if someone were to try to embed a malicious script in this publicly accessible field. However, React does take care of this for us since it auto-escapes displayed text. E.g., if someone were to attempt to embed <script> tags, they would not be interpreted as such.

Though the database will contain some personal information such as first and last name, email, and phone number, this information does not need to be stored for very long. After owners pick up their pets, their information is deleted from the database. If there are any lasting check-in entries within the database, they can be deleted 12-hrs after their time of creation as this would be adequate time to have checked-in and received their pet (assuming their pet is cleared).

Ways to prevent the database contents from being leaked include two factor authentication into the application, and requiring a certificate to connect to the database server. These solutions help prevent bad actors from simply brute forcing an admin login on both the site and the database. Only designated parties would have access to the data.

Built With

• bootstrap
• javascript
• meteor.js
• mongodb
• react
• react-simple-chatbot