Damien Hollis

Good morning, I'm just stopping in to give a quick review of your application. :)

Blog List:

• The infinite scroll is really well done and it loads quite quickly.
• I like that you don't have to have the post you want to search for in view (scroll until it loads) to have it returned in a search. 
• The layout and design is very clean and the dark mode is very nice.
• Suggestion: Because each blog post is displayed like a card, I would personally like it if the whole blog list item to be clickable instead of just the title.

Blog Detail:

• Everything in the blog detail page is really nice, although the view count goes up with each refresh of the page. This behaviour does make sense (since a new view is literally loaded in), but it would be better if you could limit the views to one per person so the view metrics are a better representation of post interest.

Admin:

• I like that the admin page is accessible from the navigation bar and that the admin page has a way back to the main site. It really makes the two applications feel related.
• The rich text editor is excellent and the create / edit post feature is simple and intuitive
  • Suggestion: It would be good to clear the error message when an input field has gained focus again so the user knows they have a fresh start.

Sign in / Account

• I can see from your repo that you're using hard coded environment variables for your authentication. It would be a good idea to look into a more robust and scalable authentication option like OAuth moving forward unless you plan on only having one admin .

Questions:

• Will there only be one admin user of this blog?
  • If so, is this also why there is no username field and only a password field when accessing the admin site?
  • If not, have you considered how you will scale up the authentication and admin account access for multiple users?
     
• Is there a reason that Category can't contain special characters but Tags can?
  • Could there be any way that I could make a category called “Healthy Living”?
     
• Has infinite scroll been implemented in the admin app or just the web app?

Good morning, I am just here to give a quick review of your web app :)

It looks pretty good, I just have a few pieces of feedback for you and a coupel of questions to get you thinking.

Signin / Account:

• As a user, I appreciate the feedback of whether it was my name or password that I entered incorrectly, however from a security point of view, you should avoid stating which of the login fields is incorrect.
  •  Just the knowledge that an account name exists in a database can give malicious actors an advantage.
• I noticed that the admin password you input was only three characters long. You may want to consider making a requirement for passwords to be stronger (at least 8 characters).

BlogList Search:

• The fact that the search is not case sensitive is very pleasing because as a user, it is very frustrating to have to match case perfectly.

Question:

• How will users be able to keep track of who posted what message in the Blog post comments? 
   
• At the moment your login functionality is done through values stored in environment variables. Have you looked into more appropriate authentication strategies like storing a hash+salted password in a database or using something such as the NextAuth package?
   

Hello there. I'm just stopping in to give a review for your application. :)

Account / Login: 

• Glad to see the "Confirm Password" field in your register form. This is often overlooked.
•  I do like that setting the personal information and address are optional when creating a new account. While they are useful fields for a store application, users appreciate a quick and easy sign-up and usually prefer to set things up later when they need it.
• Suggestion: show a confirmation on account creation to let the user know that the account creation is successful and can use their new credentials when they are redirected to the login page.

Admin:

• You have done a great job of making sure that messages and information are available to the user such as confirmation when adding things, and error messages when things have gone wrong.
• Although it isn't shown in the demonstration, the prisma schema for your database is very comprehensive and has a careful balance of mandatory and optional fields.
  • For example, making the Description field optional for making a category is a very user friendly approach
• I did notice that when you tried to save a category with a duplicate slug, you received a console error.
  • I would suggest that you display the error on screen and do a normal console.log to log the error. It is better to save console.error for fatal errors because the  console error can crash your application and it will confuse users.

Questions:

• Since [slug] for Category and Product is unique, is there a reason that you have chosen to create a specific id field instead of just using the slug as id?
   
• For the user registration, I notice you are using the bcrypt library for hashing the passwords but the functions have been commented out. 
  • Were there difficulties in implementing the bcrypt functions? 
  • Did you look into other authentication options such as next-auth? 
     
• You mentioned that when editing a user, the only option currently was to toggle admin privilege. Would admin be able to change more details about a user in the future? If so, what could they change and why?

Hello there, I would just like to give you a review for your web app. :)

I apologise for the essay <3

UI / UX:

• I like how simple and straight-forward the design is where the only “fancy” element on the page is the carousel which is exactly what you want for a featured products section.
• I am quite a fan of your choice to use something other than white as the primary background colour in a light theme which is much kinder on the eyes
• It would be nice for the products featured in the carousel to also have their name and price displayed so users know what the product is.
• For the products themselves, there should be some feedback when a user clicks on “add to cart” because once they have scrolled to the products, they can no longer see the cart icon.
  • Suggestion: also make the header/nav ‘sticky’ so it is always at the top of the screen

Purchase / Checkout:

• Excellent choice to use Stripe for your checkout functionality so you know that payments will always be handled properly. I like your idea of validating the cart to prevent users checking out with no items since the checkout link goes directly to Stripe.
• The only issue I have with the whole checkout and purchasing system is that the cart is emptied if the payment is cancelled which would include times that you just wanted to go back and add one more thing. 

Signin / Account:

• I like that you can complete purchases as a guest or as an authenticated user.
• I personally like that there isn't any restriction on what your password can be so I can set a short and easy to remember password, but it might be better practice to put some criteria on the password complexity.
• When a user makes a new account, you should either validate their email (send them a verification link) or have them enter their password twice in case they make a mistake. The email verification is so they have access to resetting their password if they forgot (or made a typo when setting it). 
• Suggestion: a better idea is to use something like next-auth that will handle all of the account management for you much like how Stripe handles the checkout

Admin:

• I love the use of a popup window for editing and adding products instead of navigating to a new page. This has a much nicer and more modern feel compared to traditional page routing.

Questions:

• (Just because I have to know):  is the carousel supposed to get the zoomies when it reaches the end, or is it supposed to look like a continuous flow?
   
• With regard to how the products all have a link to ‘#’: are these placeholder links going to be used for something later? If so, what will they be used for?
   
• Why is the cart cleared when a payment is cancelled? Is this a limitation of the Stripe API or is there a way that the cart can maintain its state until a successful payment?
   
• For the Admin app, why have you chosen to use one page for both the Orders and Products tables instead of giving them their own dedicated pages?

What problem are you experiencing with the deployment?
I can access both the user and admin applications and navigate through them but I'm not sure if that's because I have special access rights or something. I also can't see anything on Vercel that would be an issue.

If it's specific functionality that isn't working, I do know that there are some bugs in there that could be the problem. 

Hey there, I'm just dropping in to give some feedback on your application. :)

I'm sorry it's so long. T_T 

UI: 

• I like the simple and modern design of the website. The animations in the site give it a professional feel and the loading animation is a great choice.
   
• I like the amount of detail shown on the product cards, particularly the ratings although I did notice that there does not seem to be any way to view, filter by, or add ratings on the store.
   
• You might want to consider adding a hover effect to the cards to give feedback to the user that the card is in focus for a better user experience.

Account/Signin:

• I like that it logs you in if you try to create a new account with existing credentials but the error message that pops up should probably say that the user exists already instead of “error creating account”.
   
• When a user creates an account, it is always a good idea to have the user enter their new password twice in case they make a mistake. Alternatively, you can also confirm their email address before finalising the account so they can use "forgot password" features.

Checkout:

• The redirection after adding items to the cart is an interesting choice. The redirection takes you to the cart which then prompts you to checkout. From a business perspective, it would be much better to redirect customers back to the product page (or even a “you might also like” page) to try and get them to spend more.
   
• The checkout page is missing some important data fields (which has already been mentioned in another post), but it is also missing some important validation for the credit card payment. 
  • It stops me from putting in the wrong number of digits and dates that don't exist, however it lets me checkout successfully with an expired credit card.

Admin:

• Very clean and well implemented design with intuitive navigation. 
• I also really like the recent activity on the home page for both admin activities and customer activities.

Questions:

• Are you thinking of implementing the ratings feature in the future, and if so, how would you go about integrating it into the existing design? (i.e. filtering, featured on home, etc.)
   
• Why have you chosen to need customers to be signed in to purchase items instead of being able to checkout as a guest?
   
• How would a user regain access to their account if they forgot their password (or what recovery system would you implement for this)?
   
• Lastly: If you were to keep working on this site, what would be the next feature you would like to develop? :)