Natours
Overview
A full-stack tour booking platform where users can browse eco-friendly tours, explore detailed trip pages, create accounts, log in, and book adventures online. Built as part of Jonas Schmedtmann’s Node.js course, the project features production-grade authentication, payments, image processing, and security hardening.
Login Info
Email: laura@example.com
Password: test1234
Features
- User authentication and authorization using secure JWT cookies.
- Browse all tours, including images, guides, difficulty levels, and ratings.
- Detailed tour pages with interactive Mapbox maps and customer reviews.
- Book tours using Stripe payments.
- Update profile details, upload photos, and change passwords.
- Role-based permissions for admin-level operations.
- Secure REST API with rate limiting, sanitization, and robust error handling.
Tech Stack
| Category | Technology / Package | Purpose / Functionality |
|---|---|---|
| Backend Framework | node, express | Server logic, routing, REST API |
| Database | mongodb, mongoose | Data modeling for tours, users, bookings, reviews |
| Authentication | jsonwebtoken, bcryptjs | Secure login, JWT tokens, password hashing |
| Frontend | pug | Server-side rendered client interface |
| Payments | stripe | Online booking and payment processing |
nodemailer | Sending welcome emails and password resets | |
| Maps | mapbox | Displaying tour locations and routes |
| Security | helmet, xss-clean, express-rate-limit, hpp | Secure headers, sanitization, rate limiting, parameter protection |
| Utilities | multer, sharp | Image uploads and resizing |
Project Structure
natours/
├── public/
│ ├── img/
│ ├── css/
│ └── js/
├── src/
│ ├── controllers/
│ ├── models/
│ ├── routes/
│ ├── utils/
│ ├── dev-data/
│ ├── views/
│ └── app.js
├── server.js
├── config.env
└── package.json
Gallery
