Building the Institution Members Module for My Blockchain Voting App
Source: Dev.to
Why I Needed This Feature
If anyone can register with arbitrary identity data, the trust model becomes weak from the start. In this project, I wanted registration to begin from a controlled institutional directory instead of trusting user‑entered details.
The Institution Members feature acts as the eligibility source for account creation. It stores records such as:
- Institution ID
- Full name
- Institutional email
- Role
- Department
- Year level
- Voter registration status
This ties registration to known institutional data rather than self‑declared identity.
How It Works in the Registration Flow
- A user enters their institution ID.
- The backend looks up that ID in the institution directory.
- If the record exists, the system loads the official member data.
- If the member is already registered, the process stops and the user is asked to log in.
- If the member is eligible, the system sends an OTP to the official institutional email.
- After OTP verification, the user sets a password and completes registration.
- The backend creates the voter account using the verified directory data.
- The member is marked as a registered voter in the directory.
This design avoids trusting identity fields typed manually by the user.
Why OTP Verification Matters
Someone might know another person’s ID, so OTP verification is sent to the institutional email address associated with that record. This provides a second proof that the registrant is actually linked to the institutional identity, strengthening the registration boundary.
How I Prevent Duplicate Registration
- The institution directory tracks whether a member is already registered using a voter status flag.
- The frontend shows registered members as unavailable.
- The backend checks whether the institution ID already exists before sending OTP.
- The backend checks again during final registration using both institution ID and email.
- The institution directory enforces unique institution IDs and emails.
- After successful registration, the member is marked as a voter to block future attempts.
A layered approach ensures registration integrity does not rely on a single UI check or database lookup.
What I Learned
A directory lookup, a status flag, an OTP check, and a uniqueness constraint may not sound as exciting as blockchain logic, but these controls define who is allowed into the system at all. In a voting app, that matters a lot. Trust starts before vote casting—it starts at registration.
Closing
I’ll be sharing more modules from the system next, including how registration connects to the actual voting flow.