Sprint Goal
Deliver the complete technical foundation for the Pantry App so that all future feature sprints can build on a tested, deployed base. This includes the database schema, authentication, household management, and a deployable React scaffold with design tokens applied.
User Stories
| ID |
Story |
Points |
Priority |
| US-1 |
As a developer, I need a React/Vite scaffold with routing and design tokens so that I can build feature pages consistently. |
5 |
P0 |
| US-2 |
As a developer, I need the Supabase schema (7 tables) so that all features have a data layer to build on. |
8 |
P0 |
| US-3 |
As a developer, I need RLS policies with helper functions so that household data is isolated at the database level. |
8 |
P0 |
| US-4 |
As a user, I can sign up, sign in, and sign out so that my data is secure and personal. |
5 |
P0 |
| US-5 |
As Lerato (manager), I can create a household and invite Thabo and Grace so that the whole family can use the app. |
5 |
P1 |
| US-6 |
As a developer, I need protected routes so that unauthenticated users cannot access app pages. |
3 |
P0 |
Task Breakdown
US-1: React/Vite Scaffold (5 SP)
- Initialize React 19 + Vite 8 project with ESLint
- Set up folder structure: pages, components, hooks, lib, styles
- Configure React Router with placeholder pages
- Implement OKLCH design tokens as CSS custom properties
- Add Vitest + React Testing Library configuration
- Create base layout component with navigation shell
US-2: Supabase Schema (8 SP)
- Create
households table with owner reference and currency default (ZAR)
- Create
household_members table with role enum (manager, member, viewer)
- Create
categories table with household scope and sort ordering
- Create
inventory_items table with category FK, quantity, unit, expiry
- Create
baseline_stock table for target stock levels
- Create
receipts table with JSONB items column and store reference
- Create
budget_periods table with monthly budget and spend tracking
- Write 97 schema tests covering all constraints and foreign keys
US-3: RLS Policies (8 SP)
- Enable RLS on all 7 tables
- Create
get_user_household_ids() helper function
- Create
get_user_role(household_id) helper function
- Write SELECT policies: users see only their household data
- Write INSERT policies: users can add to their households
- Write UPDATE/DELETE policies: role-based restrictions (managers only for destructive ops)
- Write 57 RLS tests covering cross-tenant isolation and role enforcement
US-4: Auth Flow (5 SP)
- Integrate Supabase Auth client
- Build sign-up page with email/password
- Build sign-in page with session management
- Implement sign-out with session invalidation
- Create AuthContext provider for app-wide auth state
- Write 11 auth flow tests
US-5: Household Creation + Invite (5 SP)
- Household creation form, creator auto-assigned as manager
- Member invite flow via email
- Accept invite and join household
- Household selector for users in multiple households
US-6: Protected Routes (3 SP)
- Create ProtectedRoute wrapper component
- Redirect unauthenticated users to login page
- Preserve intended destination for post-login redirect
- Write 9 component tests for auth guards and routing
Team Roster
| Role |
Primary Stories |
Responsibilities |
| Tech Lead | US-2, US-3 | Architecture, schema design, RLS policies, code review |
| Full-Stack Dev | US-1, US-6 | React scaffold, routing, design tokens, protected routes |
| Backend Dev | US-2, US-3 | Supabase migrations, helper functions, schema + RLS tests |
| QA Engineer | US-4, US-5 | Auth integration, household flows, component tests, CI/CD |
Definition of Done
- All code merged to main branch
- All 174 tests passing in CI
- Production build deploys to Cloudflare Pages without errors
- RLS tests confirm zero cross-tenant data leakage
- Auth flow works end-to-end: sign-up, sign-in, sign-out
- Protected routes redirect unauthenticated users
- Code reviewed by at least one other team member