Secur0-com/live-coding-5

TechNova ⚡

A modern e-commerce platform for buying and selling tech products. Built with Node.js, Express, SQLite, and vanilla JavaScript.

Features

  • 🔐 User authentication (local + Google Sign-In)
  • 🛒 Product catalog with search and filters
  • 💳 Shopping cart and checkout
  • 📦 Seller dashboard for managing products
  • 📊 Order history for buyers
  • 💰 Sales tracking for sellers
  • 🎨 Modern cyberpunk-inspired UI

Quick Start with Docker Compose

The easiest way to run the application is using Docker Compose:

# Clone or navigate to the project
cd live-coding-5

# Start the application
docker compose up -d

# View logs
docker compose logs -f

# Stop the application
docker compose down

# Stop and remove volumes (database)
docker compose down -v

Access the application

Default credentials

  • Username: technova_admin
  • Password: Admin1234

Project Structure

live-coding-5/
├── backend/              # Node.js Express API
│   ├── app.js           # Main application file
│   ├── package.json     # Dependencies
│   └── Dockerfile       # Backend container config
├── frontend/            # Static HTML/CSS/JS
│   ├── index.html       # Main HTML file
│   ├── script.js        # Frontend logic
│   ├── style.css        # Styles
│   └── nginx.conf       # Nginx config for Docker
├── docker-compose.yml   # Docker Compose configuration
├── .env.example         # Environment variables template
└── README.md           # This file

Configuration

  1. Copy .env.example to .env:

    cp .env.example .env
  2. Update the environment variables in .env:

    • SESSION_SECRET: Change to a secure random string
    • GOOGLE_CLIENT_ID: Add your Google OAuth client ID (optional)
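Step 2 asks for a secure random SESSION_SECRET. The Node.js script below is an added example, not part of the TechNova code base: it generates such a value and audits the SESSION_SECRET found in a .env file. The function names, the 32-character minimum, the placeholder word list and the sample .env text are assumptions made for this example.

```javascript
// Added example, not TechNova's own code. Names and thresholds are assumptions.
const { randomBytes } = require('node:crypto');

const MIN_SECRET_LENGTH = 32;
// Words that suggest the template value was never replaced (constructed list).
const PLACEHOLDER = /change|secret|example|default|password|your/i;

// Minimal KEY=VALUE parser: skips blank lines and comments, strips one pair of quotes.
function parseEnv(text) {
  const vars = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    if (!line || line.startsWith('#')) continue;
    const eq = line.indexOf('=');
    if (eq < 1) continue;
    let value = line.slice(eq + 1).trim();
    const quoted = value.match(/^(["'])(.*)\1$/);
    if (quoted) value = quoted[2];
    vars[line.slice(0, eq).trim()] = value;
  }
  return vars;
}

// 32 bytes from the OS CSPRNG, hex-encoded (64 characters).
function generateSessionSecret() {
  return randomBytes(32).toString('hex');
}

// Returns a list of problems; an empty list means the secret passes these checks.
function auditSessionSecret(envText) {
  const secret = parseEnv(envText).SESSION_SECRET;
  if (secret === undefined || secret === '') return ['SESSION_SECRET is not set'];
  const problems = [];
  if (secret.length < MIN_SECRET_LENGTH) {
    problems.push(`shorter than ${MIN_SECRET_LENGTH} characters`);
  }
  if (PLACEHOLDER.test(secret)) problems.push('looks like a template placeholder');
  if (new Set(secret).size < 10) problems.push('too few distinct characters');
  return problems;
}

// Constructed sample input; the real .env.example contents are not shown on this page.
const SAMPLE_ENV = 'SESSION_SECRET=change-me\nGOOGLE_CLIENT_ID=\n';
console.log(auditSessionSecret(SAMPLE_ENV));
console.log(`SESSION_SECRET=${generateSessionSecret()}`);
```

Calling auditSessionSecret at backend startup and refusing to start on a non-empty result keeps an unedited template value from ever signing session cookies.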

API Endpoints

Authentication

  • POST /api/register - Register new user
  • POST /api/login - Login
  • POST /api/logout - Logout
  • GET /api/me - Get current user
  • POST /api/auth/google - Google Sign-In

Products

  • GET /api/products - Get all products (public)
  • GET /api/products/mine - Get user's products (private)
  • POST /api/products - Create product (private)
  • PUT /api/products/:id - Update product (private)
  • DELETE /api/products/:id - Delete product (private)

Orders

  • POST /api/checkout - Purchase items
  • GET /api/orders/mine - Get purchase history
  • GET /api/sales/mine - Get sales history

Security Features

  • ✅ Password hashing with bcrypt (cost factor 12)
  • ✅ Rate limiting on login endpoint
  • ✅ Session-based authentication with httpOnly cookies
  • ✅ Input validation on all endpoints
  • ✅ SQL injection prevention with prepared statements
  • ✅ CORS configuration
  • ✅ XSS protection headers
  • ✅ Foreign key constraints in database
  • ✅ Authorization checks (no IDOR vulnerabilities)

Development

Without Docker

Backend

cd backend
npm install
node app.js

Frontend

Serve the frontend folder with any static file server:

cd frontend
python3 -m http.server 8080
# or
npx http-server -p 8080

With Docker (recommended)

See Quick Start above.

Database

The application uses SQLite for simplicity. The database is automatically initialized with:

  • Sample products
  • Default admin user

Database location:

  • Development: ./backend/data/technova.sqlite
  • Docker: Persistent volume db-data

Technologies

  • Backend: Node.js, Express, better-sqlite3, bcryptjs
  • Frontend: Vanilla JavaScript, HTML5, CSS3
  • Database: SQLite
  • Authentication: express-session, Google OAuth
  • Containerization: Docker, Docker Compose

License

MIT

Author

Built for TechNova Hackathon DAM/DAW
