A complete e-commerce platform for students to buy and sell textbooks, supplies, and school items within their classes. Built with React, Express.js, SQLite, and includes admin panel with TOTP 2FA.
- Product Browsing: Search and filter products by class, price, and popularity
- Secure Purchasing: Complete order flow with form validation and reCAPTCHA
- Product Listings: Sell items with image upload and commission calculation
- Wishlist System: Like products stored in localStorage with ranking system
- TOTP 2FA Authentication: Secure admin access with QR code setup
- Order Management: View, confirm, and cancel orders
- Email Notifications: Automated emails to buyers and sellers
- Invoice Generation: PDF invoices with automatic generation
- Analytics Dashboard: Order stats, revenue tracking, and product metrics
- React 18 with TypeScript
- Tailwind CSS for styling
- Wouter for routing
- TanStack Query for data fetching
- Shadcn/UI components
- React Hook Form for form handling
- Express.js with TypeScript
- SQLite database with migrations
- Express Session for authentication
- Multer for file uploads
- Nodemailer for email notifications
- PDFKit for invoice generation
- Speakeasy for TOTP 2FA
- QRCode for QR code generation
- Node.js 18+
- npm or yarn
-
Clone and install dependencies
git clone <repository-url> cd classstore npm install
-
Set up environment variables
cp .env.example .env
Configure the following in
.env:# Essential Configuration SESSION_SECRET=your-super-secret-key-change-immediately SMTP_USER=your-email@gmail.com SMTP_PASS=your-gmail-app-password RECAPTCHA_SECRET=your-recaptcha-secret-key # ADMIN_URL_PART removed - now hardcoded for security
-
Set up database
# SQLite database will be created automatically # Sample data is included for immediate testing
-
Start development server
npm run dev
The application will be available at
http://localhost:5000
-
Admin Access: Navigate to
/admin/z3XJbf0x0vXsCxnUZnscBRsnE- Username:
admin - Password:
password ⚠️ CHANGE IMMEDIATELY after first login
- Username:
-
TOTP Setup: Follow the QR code setup for 2FA using an authenticator app
-
Test Order Flow:
- Browse products on homepage
- Click "Buy Now" on any product
- Complete purchase form
- Check email for confirmation
Get Gmail App Password:
- Enable 2FA on your Google account
- Go to Google Account settings → Security → 2-Step Verification
- Generate App Password for "Mail"
- Use this password in
SMTP_PASS
- Visit Google reCAPTCHA Console
- Create new site with reCAPTCHA v2 checkbox
- Add your domain (localhost for development)
- Get Site Key and Secret Key
- Add Secret Key to
RECAPTCHA_SECRET - Add Site Key to client environment
# Admin URL uses hardcoded secure hash: z3XJbf0x0vXsCxnUZnscBRsnE
# Generate secure session secret
SESSION_SECRET=$(openssl rand -base64 64)