Cohort Connect

When grad-school peers meet in person, they still ask "what do you do?" from scratch, and organizers spend energy collecting that information through KakaoTalk, Google Forms, and spreadsheets that fall apart between events. As the semester progresses, the cost of re-collecting the same data piles up - while the actual unit it could form (sub-groups, interest pods) stays invisible.

Internal use for SKKU EMBA cohort 119 (the organizer is me). The premise: if you don't capture "who'd like to do what with whom" once, early, the rest of the semester runs inefficiently.

Cohort members trying to find smaller groups around similar interests, jobs, or regions - and the organizers who have to design those groups.

Put a school-domain-gated single site in front of (1) the survey, (2) announcements + anonymous feedback, (3) emergency contacts, and (4) meeting rooms, and "who's interested in what" becomes an operable shape - the organizers stop bouncing between KakaoTalk, Forms, and spreadsheets.

• @g.skku.edu-restricted Google OAuth - the security boundary that keeps the site to cohort members only
• Networking survey - basic info, interests, preferred regions, and job/industry in one form, with previous responses loaded for edit-and-resubmit
• Announcements and a login guide unified on the first post-login screen
• Anonymous feedback - completely separated from login identity, with five categories (operations, communication, cost, networking, other)
• Emergency contacts, meeting rooms, and a self-managed profile area for each peer
• Operator whitelist (ADMIN_EMAILS) plus Supabase RLS - the operator-vs-peer boundary enforced at the database layer
• Deployed Next.js 15 on Cloudflare Workers via the OpenNext adapter, so semester-level operating cost stays close to zero

• School-domain-gated OAuth - the trust signal of "who's actually inside" decides whether peers will fill in their data honestly
• Anonymous feedback shows three explicit promises on screen ("not linked to login info, no IP or device data, operators see content only") - the guarantee has to feel real for the first piece of feedback to land
• RLS at the database layer - a frontend mistake doesn't become a data exposure
• Operators are peers - no separate ops site; "manage" actions ride on top of the peer-facing screens
• Landing notes "first-time account setup takes 2-3 minutes" - the friction reads as expected procedure, not a broken site

In active internal use for SKKU EMBA cohort 119, operated at skkuemba119.org. User numbers not disclosed. Persisting survey responses and the operator dashboard (analysis + Excel export) are the next milestones.

First round moved cohort operations from "scattered across KakaoTalk, Forms, and spreadsheets" to "one domain." Once response persistence and the operator dashboard are finished, that's the point where "cohort ops" can be evaluated against other clubs and communities.

Used inside the cohort. Generalizing into a cohort-networking tool is possible but on hold.

The permission model is validated from the angle of "are there cases where it's wrongly exposed?" instead of "does the rule exist?" RLS policies are guarded by automated regression tests; "must-never-be-traced" paths like anonymous feedback get separation at the DB-schema layer too, not just code, so the guarantee doesn't crack.

• Next.js 15
• TypeScript
• Tailwind
• Supabase
• Postgres
• Supabase Auth
• Supabase RLS
• Cloudflare Workers
• OpenNext
• Wrangler