Project description:

This comic bookstore system is designed for a comic book rental business. Its purpose is to make it convenient for the bookstore owner to manage the comic book rental products, and to make it easier for customers to choose the books they would like to rent and to submit book reservation requests.
If the bookstore owner logs in to the application with the administrator credentials, he is directed to the admin dashboard. If bookstore customers log in to the application, they are directed to the user dashboard.


Technology used:

A full-stack application using React.js for the frontend, Node.js and Express for the backend, MongoDB for the database, and JSON Web Token (JWT) for user authentication.


Deployed on:

Heroku


Application features:
  • Validation rules in the signup function
  • To make sure the signup function receives correct information, no field in the signup form may be empty, and client-side validation rules handle errors by reminding users to enter data in the correct format.


  • Hash users' passwords before saving new users in the database
  • A backend library called bcrypt hashes and salts each user's password, so passwords are stored as random-looking strings instead of the real passwords. Even if a hacker gets into the database, the stored values are hashes rather than the real passwords, so the hacker cannot read the users' credentials from it.


  • Tighten application security using JSON Web Token
  • If a user logs in with an email and password that match the user information saved in the database, the user is authenticated and allowed to access the application. The user is assigned a pair of tokens: an access token and a refresh token. The access token enables the user to access the application content and expires in 10 minutes. The refresh token is used to generate a new pair of access and refresh tokens, so the user can keep using the application without having to log in again. If a hacker is not able to steal the access token within 10 minutes, it will already have been replaced by a new valid access token, and the hacker cannot access the application with the expired one.


  • Direct users to different dashboards with different functionalities
  • The administrator is directed to the admin dashboard; public users are directed to the user dashboard.

    Admin dashboard functionalities:

    1. See all the books in the database
    2. Add a new book
    3. Edit book details
    4. Delete a book

    User dashboard functionalities:

    1. See all the books in the database
    2. View the books' details
    3. Search books by book name
    4. Filter books by category
    5. Add comic books to the user account to submit a reservation request
    6. See which books have been added to the account and calculate the rental fee the user has to pay


  • Fully mobile responsive
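
The access/refresh token flow described in the JSON Web Token feature above, as an added example that is not the project's own code: it builds HS256 tokens on Node's built-in crypto module instead of whichever JWT library the project uses. The 7-day refresh lifetime, the separate secrets, the `type` claim and all function names are assumptions; only the 10-minute access lifetime comes from this page.

```javascript
// Added example, not the project's code: HS256 access/refresh tokens on node:crypto.
const nodeCrypto = require('node:crypto');

const ACCESS_TTL = 10 * 60;         // seconds; the 10 minutes stated in the README
const REFRESH_TTL = 7 * 24 * 3600;  // assumption: the README gives no refresh lifetime
const b64u = (v) => Buffer.from(v).toString('base64url');
const parse = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));
const hmac = (data, key) => nodeCrypto.createHmac('sha256', key).update(data).digest();

function sign(claims, key, ttl, now) {
  const head = b64u(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64u(JSON.stringify({ ...claims, iat: now, exp: now + ttl }));
  return `${head}.${body}.${b64u(hmac(`${head}.${body}`, key))}`;
}

// Returns the claims, or null when the token is malformed, forged, expired
// or of the wrong type (for example a refresh token sent as an access token).
function verify(token, key, expectedType, now) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const given = Buffer.from(sig, 'base64url');
  const want = hmac(`${head}.${body}`, key);
  if (given.length !== want.length || !nodeCrypto.timingSafeEqual(given, want)) return null;
  try {
    if (parse(head).alg !== 'HS256') return null; // pin the algorithm
    const claims = parse(body);
    const live = typeof claims.exp === 'number' && now < claims.exp;
    return live && claims.type === expectedType ? claims : null;
  } catch {
    return null;
  }
}

// Hypothetical helpers: `keys` holds separate secrets for the two token types.
function issuePair(user, keys, now) {
  const base = { sub: user.id, role: user.role };
  return {
    accessToken: sign({ ...base, type: 'access' }, keys.access, ACCESS_TTL, now),
    refreshToken: sign({ ...base, type: 'refresh' }, keys.refresh, REFRESH_TTL, now),
  };
}

// Exchanges a valid refresh token for a new pair; null means "log in again".
function refresh(refreshToken, keys, now) {
  const claims = verify(refreshToken, keys.refresh, 'refresh', now);
  return claims ? issuePair({ id: claims.sub, role: claims.role }, keys, now) : null;
}
```

Tokens like these are stateless, so a refresh token that has already been exchanged stays valid until its own expiry unless the server also tracks and revokes used ones.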