The feature image for the project BG2SELL.
The feature image for the project BG2SELL.
The feature image for the project BG2SELL.
The feature image for the project BG2SELL.

FULL-STACK WEB APP | 2026

BG2SELL

A B2C e-commerce platform for buying pre-owned board games. It demonstrates full-stack JavaScript development with features like user authentication, product search, shopping cart, and payment processing.

Express.js
PostgreSQL
Stripe

OVERVIEW

BG2SELL is a full-stack e-commerce site where users can browse, search, and purchase secondhand board games end-to-end. Product discovery is powered by accent-insensitive search, making lookups flexible regardless of special characters in game titles. The cart and authentication state persist across sessions using PostgreSQL-backed session storage rather than in-memory storage, keeping the app production-ready. Security is treated seriously throughout — bcrypt password hashing, HttpOnly session cookies, and input sanitization are applied at every entry point.

IMPLEMENTATION

TECH STACK

Runtime

Node.js

Framework

Express.js

Language

JavaScript

Database

PostgreSQL (Supabase)

Payment

Stripe

Deployment

Render

FEATURES

Product catalog browsing with accent-insensitive search

Shopping cart with persistent session state

Real payment processing via Stripe

User authentication with bcrypt password hashing

PostgreSQL-backed session storage for scalability

Mobile-responsive design

CHALLENGES & SOLUTIONS

Session persistence across server restarts

Used connect-pg-simple to store sessions directly in PostgreSQL instead of server memory, so sessions survive restarts and the app can scale horizontally without losing login state.

Flexible product search with accent support

Implemented accent-insensitive text matching in PostgreSQL queries, allowing users to find products regardless of diacritics or special characters in their search terms.

Secure Stripe checkout integration

Integrated Stripe on both client (@stripe/stripe-js) and server (stripe SDK) sides, keeping secret keys server-only and handling the full payment lifecycle through a dedicated checkout route.

Route protection and input sanitization

Built a middleware-based auth layer to guard all protected routes, paired with bcryptjs for password hashing and the validator library for input sanitization to prevent injection attacks.