Membership Cards
Overview
Admins issue, manage, and revoke digital membership cards for club members. Each card has a tier (NORMAL / SILVER / GOLDEN) and an expiry date. Members use their card QR code as proof of membership.
Workflow
Membership Tiers
| Tier | Description | Typical Use |
|---|---|---|
| NORMAL | Standard member | Default for new members |
| SILVER | Premium member | Active contributors |
| GOLDEN | VIP member | Long-standing or high-KT members |
Step-by-Step: Issue a Membership Card
- Navigate to Admin → Memberships (
/admin/memberships). - Click "Issue Card".
- Search for the member by name/email.
- Select: tier, expiry date.
- Click "Issue".
- The member can immediately generate their QR card at
/membership.
Step-by-Step: Revoke a Card
- Find the member's active card in the admin list.
- Click "Revoke" → confirm the dialog.
- The
revokedAttimestamp is set. - When anyone scans the member's QR, the verification page shows "REVOKED".
Admin QR Management Page
The Admin QR Page (/admin/qr) provides a broader view of all QR-related entities:
- List all membership cards with status (active / expired / revoked)
- Filter by tier or status
- Export as PDF (using
usePdfExporthook)
Application Properties
| Property | Default | Description |
|---|---|---|
rcb.membership.tiers | [NORMAL, SILVER, GOLDEN] | Available tier configurations |
Security Notes
- ADMIN only can issue, update, and revoke cards.
- Each card has a random UUID token (not sequential) — cannot be guessed or enumerated.
- The public verification endpoint exposes only: member name, tier, validity. No PII beyond name.
QA Checklist
- Issue SILVER card to member → member can generate QR
- Member verifies their QR → shows correct name, tier, expiry
- Revoke card → verification page shows REVOKED
- Issue new card after revocation → new card works
- Expired card → verification shows EXPIRED
- List all cards → paginated with status filter working