The system is a server-side implementation for an online store selling various towels, bags, and poncho products. The system includes user authentication, session management, email notifications, and functionality to handle user registration, login, and product purchases.
Security Concerns: Storing passwords as plain text in user_data.json is a significant security concern. Next time I would store hashed and salted passwords for enhanced security.
Incomplete Session Handling: The code manages sessions but doesn’t appear to handle session expiration or logout effectively. There’s a need for a robust session management strategy.
Email Configuration: The email configuration relies on a hardcoded host (mail.hawaii.edu). It might be better to make this configurable and not reject unauthorized certificates.
Error Handling: While errors are identified, there isn’t a consistent and comprehensive error-handling mechanism throughout the code.
User Authentication: The system successfully authenticates users, stores user-related information in cookies, and maintains login status.
Product Handling: The code manages product quantities, updates the total sold, and maintains a structured product array.
Email Integration: The integration of Nodemailer for sending order confirmation emails is a positive aspect of the system.
Password Handling: Storing passwords as plain text is a security vulnerability. Implementing a more secure password storage mechanism is essential.
Session Handling: The session handling and logout functionality could be improved for better security and user experience.
Error Messaging: While errors are identified, more detailed and user-friendly error messages could enhance the user experience.
Server-Side Emphasis: Assignment #3 focuses more on server-side processes, including user authentication, product handling, and email communication, as compared to Assignment #2, which emphasizes client-side validation and webpage aesthetics.
Collaboration: The code includes comments mentioning assistance from individuals (Ethan Schwarz, Anthony Lee, Reyn, and Marina Cleavenger).
Research: External research, consulting with peers, and utilizing external sources for understanding concepts like password hashing and session handling.
Code Familiarity: The developer’s familiarity with the code from Assignment #1 facilitated variable declaration and additions.
Product Sorting: Products are effectively sorted by type, enhancing the user experience in navigating the store.
Lack of Documentation: Some sections lack sufficient comments or documentation, making it challenging to understand the purpose and functionality of certain code segments.
Limited Session Handling: The code lacks a comprehensive session handling mechanism, and there are areas where session-related tasks could be better structured.
Server-Side Processes: Assignment #3 provided a deeper understanding of server-side processes, emphasizing tasks such as updating JSON files and making them interact.
Password Encryption: Learned about password encryption techniques, such as SHA-256 hashing, for improved security.
Research: The developer would allocate more time to research server-side processes beyond the assigned readings and modules.
Security Implementation: Implement a more secure password storage mechanism from the beginning.
Thinking about How to Do Something: 20% Writing Code (excluding testing): 30% Testing and Debugging: 50%