It's an e-commerce shopping website built with Node.js and Express.js. MongoDB is used for storing the data. The frontend uses EJS, CSS and JavaScript.
It has all the necessary features that a shopping website should contain: buying products, sending emails to users, payments, and getting an invoice for your order, which you can download as a PDF.
--Build Flow--
Signing Up first - One of the best features of this website is that it can interact with you (send emails) at your real email address, and you receive the email within a couple of seconds. It uses the SendGrid API with the nodemailer and nodemailer-sendgrid-transport packages for that. For example, when you sign up on the website for the first time, it sends an email containing the message "Signed Up successfully." If you want to reset your password, you can enter your real email address and you will receive a message containing the link for resetting the password.
For authentication and authorization, sessions are used, which gives quite strong authorization capabilities. A session is created when a user logs in and is destroyed on logout. The package used is express-session.
The user can access all the shop products and view details about each of them, but is not authorized to edit or delete a product. Only the user who added a product is authorized to edit or delete it. The website compares the userID of the user with the product's creatorID.
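The creator check described above, written as an Express-style middleware. This is an added example, not code from this project: `FakeId`, `sameId`, `findProduct`, `requireProductOwner`, `simulate`, `req.session.user` and the `productId` route parameter are assumed names, and an in-memory array stands in for MongoDB.

```javascript
// Stand-in for a MongoDB ObjectId (constructed for this example): two
// instances holding the same value are still different objects.
class FakeId {
  constructor(hex) { this.hex = hex; }
  toString() { return this.hex; }
}

// Constructed sample products; creatorID is the field named in this README.
const products = [
  { _id: new FakeId('p1'), title: 'Book', creatorID: new FakeId('u1') },
  { _id: new FakeId('p2'), title: 'Lamp', creatorID: new FakeId('u2') },
];

// Compare ids by value. `a !== b` on two ObjectId objects is always true,
// which would reject even the real owner.
function sameId(a, b) {
  return a != null && b != null && a.toString() === b.toString();
}

const findProduct = (id) => products.find((p) => sameId(p._id, id));

// Express-style middleware for the edit/delete routes. Assumed names:
// req.session.user (set at login) and the :productId route parameter.
function requireProductOwner(req, res, next) {
  const user = req.session && req.session.user;
  if (!user) return res.status(401).send('Login required');
  const product = findProduct(req.params.productId);
  if (!product) return res.status(404).send('Product not found');
  if (!sameId(product.creatorID, user._id)) {
    return res.status(403).send('Not the creator of this product');
  }
  req.product = product; // the handler reuses the already-authorized document
  return next();
}

// Drive the middleware with mock req/res objects instead of a live server.
function simulate(sessionUser, productId) {
  const out = { status: 200, nextCalled: false };
  const req = { session: { user: sessionUser }, params: { productId } };
  const res = {
    status(code) { out.status = code; return this; },
    send(body) { out.body = body; return this; },
  };
  requireProductOwner(req, res, () => { out.nextCalled = true; });
  return out;
}
```

In the real application the lookup is an asynchronous database query. The check belongs on the server-side edit and delete routes, since hiding the edit/delete buttons in the EJS template does not stop a direct request.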
After selecting, the user can add products to the cart and finalize them there. The user can delete items or reduce the quantity (if there are many), and can finally check out.
Payment: For payment, this website uses the Stripe API, which asks for your card details after checking out. If the payment fails, the user is sent back to the checkout page; if it succeeds, the user can see the ordered items on the orders page.
Downloading the Invoice: This website also lets you download the invoice of your order with a unique invoice ID. The invoice is a PDF file.
--Security--
CSRF tokens are used in every flow of the website.
The Open-ssl package was used for SSL/TLS encryption. However, the certificate generated by the package was not properly authorized, so the browser shows a safety warning every time you visit the site, because browsers do not trust certificates generated this way. Therefore, it was removed from the site.
--Optimizations--
This website uses the compression package, which compresses the files (CSS, scripts, etc.) coming from the server. This reduces data usage and may reduce loading time.
--Utilities--
The EJS templating engine is used in this website for creating dynamic web pages.
The Flash package is used for showing messages/notifications.
This website generates logs for a better understanding of the flow of the website, which can also come in handy for figuring out bugs. The package used for this is morgan.