The Uploader is built on a React front end App and Azure function App backend, newly built applications with self-managed hosting by the Commission.

Frontend Design: React Application

1. React Framework: Utilises Create React App with TypeScript for a fast setup and type safety.

2. Tailwind CSS: Provides a utility-first approach to styling, ensuring a responsive and consistent UI.

3. File Upload Handling:

• Uses react-dropzone for drag-and-drop file uploads.
• Supports built-in validation and flexibility.
• Implements feedback mechanisms (e.g., progress bars, validation errors).

4. State Management:

• React’s built-in state management (useState, useReducer) where applicable.
• Consideration for external state management solutions if complexity increases (e.g., Redux, Zustand).

5. Routing:

• Utilises React Router for navigation.
• Potential private routes for user authentication (if required in future iterations).

7. Security Considerations:

• CSRF protection through token-based authentication.
• Strict CORS policies to control access.
• Input validation to mitigate injection attacks.

8. Error Handling:

• Toastify for error notifications

Backend Design: .NET Azure Function Apps

The backend is built using .NET Azure Function Apps, designed to be lightweight, event-driven, and scalable.

1. Small, single-responsibility functions: Each function is designed to perform a specific task.

2. Event-driven execution: Functions trigger based on HTTP requests, storage events, or message queues.

3. Minimal overhead: No unnecessary dependencies or frameworks to keep the solution lean and efficient.

4. Separation of Concerns:

• Service layers for handling business logic.
• Repository pattern for data persistence (if applicable).

5. Dependency Injection:

• Built-in dependency injection for service registration.
• Ensures modularity and testability.

6. Logging & Monitoring:

• Uses Serilog for structured logging. Logs integrated with Azure Application Insights for tracking and diagnostics.
• Error Handling:

         -Centralised error handling pattern to manage exceptions gracefully.

          -Custom error response objects to standardize API responses.

7. Security Best Practices:

• Role-based access control (RBAC) via Azure Active Directory
• Input sanitisation and validation to prevent security vulnerabilities.
• Encryption of sensitive data at rest and in transit.

Scope of support services

Includes essential monitoring, reporting, management and admin tasks including development and enhancement work. Support package can be used for enhancements, training etc at buyers' discretion. Support should include

1. Monthly reporting

2. Monthly meeting

3. Business Hours support and monitoring of your web application

4. Management of hosting providers

5. Open unlimited support tickets (action on tickets are capped to support hours)

6. Up to five nominated Support users

7. Access to an online helpdesk

8. Access to the following capabilities;

• Software development
• UX/UI design
• Architecture
• Service design
• Content design

9. Bug fixes

10. Feature development

11. Training and support

12. Content publishing

13. Any other service you require

Support SLAs

1. Priority: P1 - Critical & P2 Urgent

• First response SLA: 4Hrs
• Update: 24 Hours
• Coverage: Business Hours

2. Priority: All Other Issues

• First response SLA: 1 Business Day
• Update: 7 Business Days
• Coverage: Business Hours