Nunisi Hotel and Spa
A hotel management system for a forest retreat hotel
This full stack hotel management system is built for use of taking bookings and payment for a forest retreat hotel in the region of Nunisi in Georgia. The business audience is the hotel owners and the target audience for the site are travellers who are seeking a relaxing getaway, either travelling domestically or internationally. The website was created using custom code written in HTML, CSS, Python, and JavaScript , utilising the full stack framework Django. It is hosted on Heroku with a connected PostgreSQL relational database and provides the users full CRUD functionality.
See DESIGN.md for information on the five planes of UX design, site map, database schema, and features.
See TESTING.md for information on the test driven development of the website, manual and automated testing of the site, bugs encountered, and website analytics.
See DEV.md for an overview of the continuous integration and deployment process, how I set up my development environment, and deployment steps.
Table of Contents
- Project Goals
- User Stories
- Security
- Future Development
- Technologies Used
- User Feedback
- Credits
- Acknowledgements
Project Goals
User Goals
- A website that is easy to navigate.
- A website that will display well on different devices.
- Positive and immediate feedback from the site such as on hover or on click JavaScript animations to ensure a good user experience.
- Contact information of the developer.
- Able to create an account to log in and out.
- Able to opt in/out to promotional emails.
- Full CRUD (Create Read Update Delete) functionality on my user account.
- Ability to book a room.
- Full CRUD functionality on my planned trip.
- Ability to leave a review.
- Full CRUD functionality on my review.
- Security in place to stop others accessing my account and trip.
- A secure payment method to pay for the trip.
- Ability to search for available rooms within a given timeframe.
- Ability to restrict or order available rooms based on amenities offered.
- Have my data and information stored securely.
Site Owner Goals
- Provide the user with room options with correct details and availability.
- Able to track when rooms are not available.
- Able to take payment from the users.
- Able to receive reviews from the users.
- Provide a website that is safe for users to sign up to and that their data is handled securely.
Developer Goals
- A well designed website that catches the attention of the users.
- A responsive website where the functionality is not impacted by screen size.
- Easy navigation that is intuitive and responsive.
- A website designed with accessibility in mind.
- A back end that will handle user details, toy details, and review details.
- A finished product that will proudly be displayed within the developer's portfolio.
User Stories
| User Story ID | As A/An | I Want To Be Able To... | So That I Can... | |
|---|---|---|---|---|
| Viewing and Navigation | ||||
| 1 | First Time Visitor | Tell the purpose of the website immediately | Decide whether I want to use the website | |
| 2 | First Time Visitor | Navigate the website easily and intuitively | I can find the content that I need | |
| 3 | First Time Visitor | Find out more about the hotel and resort | I can decide whether I would like to visit | |
| 4 | First Time Visitor | See various services and facilities that the resort offers | Plan my stay there | |
| 5 | First Time Visitor | See some FAQs | Be well informed | |
| 6 | First Time Visitor | See the location of the resort | Plan my trip accordingly | |
| 7 | First Time Visitor | See reviews of guests who have stayed at the resort | Make a well informed decision about travelling | |
| 8 | First Time Visitor | Know that my interactions on the website have worked | Be sure that the website is resposinsive | |
| 9 | First Time Visitor | Be informed if I land on a non-existant or restricted page | Be sure of what happened and be redirected back to the homepage | |
| 10 | First Time Visitor | Contact the developer | Collaborate on a similar project for my business | |
| Registration and User Accounts | ||||
| 11 | Site User | Have the site content to be safe and secure | Know that I am not open to any malicious activities | |
| 12 | Site User | Easily register for an account | Track my previous purchases | |
| 13 | Site User | Create an account under my email, rather than create a username | Login quicker in future and not forget my login details | |
| 14 | Site User | Sign up with my various social media or other accounts | Sign up and log in quicker and easier | |
| 15 | Site User | Receive an email confirmation after registering | Verify that my account registration was successful | |
| 16 | Site User | Easily login or logout | Keep my data is secure when I use a shared device | |
| 17 | Site User | Update my password | Keep my account secure over time | |
| 18 | Site User | Reset my password if I forget it | Continue to access my account | |
| 19 | Site User | Delete my account if I wish | Retain agency over my information | |
| 20 | Site User | Sign up to a newsletter | Receive updates and offers for my future trips | |
| 21 | Site User | Leave a review | Let others know of my experience | |
| Sorting and Searching | ||||
| 22 | Potential Guest | Search for room availability based on how many people will be going and when | See choices that suit my needs | |
| 23 | Potential Guest | Filter and sort the available rooms | Find the best room for me | |
| 24 | Potential Guest | Find out more information about the rooms | Be sure I am making the correct choice | |
| 25 | Potential Guest | See and sort my previous trips | Keep track of them for my records | |
| Purchasing and Checkout | ||||
| 26 | Guest | Book the room through the website | I can book easily and by convenience | |
| 27 | Guest | Easily select dates and number of guests | Ensure I do not book for the correct amount of people on the correct dates | |
| 28 | Guest | Easily enter my payment information | Check out quickly and with no hassles | |
| 29 | Guest | Feel my personal and payment information is safe and secure | Confidently provide the needed information to make a purchase. | |
| 30 | Guest | View an order confirmation after checkout | Verify that I haven't made any mistakes | |
| 31 | Guest | Receive an email confirmation after checking out | Keep the confirmation of what I've purchased for my records | |
| 32 | Guest | Be prompted to make an account/login to save this trip to "my trips" if I have booked a trip whilst logged out | To maintain a record of my trips | |
| Admin and Store Management | ||||
| 33 | Business Owner | Sure that the room availability is updated correctly with each booking and cancellation | Avoid scheduling conflicts | |
| 34 | Business Owner | Have the payment system easy and secure | Have the rooms paid for | |
| 35 | Business Owner | See information on user accounts | Adjust my business needs to demand | |
| 36 | Business Owner | Add, update, and delete rooms on the database | Keep the information on the website current and correct | |
| 37 | Business Owner | See reviews for user trips | Improve as a business | |
Security
| .gitignore One of the security steps taken was to put all sensitive and irrelevant information in the .gitignore file so as to not upload them to the public online repository. Those added to this file were: |
Inclusion in .gitignore | Reasoning |
|---|---|---|
| *.sqlite3 | Prevent SQLite database files being tracked by GitHub, as it contains local data that is either not relevant to the development or potentially sensitive. | |
| __pycache__ | Contains files generated by the python interpreter which are recreated as needed, so is removed from the version control in order to decrease the size and clutter of the repository. | |
| venv | It has the virtual environment information including paths and configurations that won't work for other developers or environments. So it was added to .gitignore to reduce redundancy and clutter in the repository. | |
| env.py | To hide sensitive information such as… |
Django Allauth
AllAuth is an open source Django package that I used to handle user authentication on the website. It is open source, so it is backed by millions of developers who keep it up to date and secure, providing a key part in the security of this website and data-security of the users who will create user accounts with us. The client ID and secret keys for the social sign-ins are kept in the secure admin dashboard.
Password Security
Django AllAuth uses the password hashing algorithm PBKDF2 to hash passwords before storing them, allowing them to be stored securely and for the possibility for multiple users to have the same password without impacting site security.
Email Validation
As a part of Django-allauth, email validation is required to prevent fake accounts, verify ownership of the email address, and to reduce phishing risks.
Defensive Programming
Password confirmation
The signup form requires a confirmation of the password to prevent the user from making a typo.
Future Security Implementations
Future Development
Technologies Used
Languages
- HTML
- Markup language used for website structure.
- CSS
- Used for styling the elements on the webpage.
- JavaScript
- Used for dynamic functionality on the website.
- Python
- Used for server side scripting and backend development.
- SQL
- Used for maintenance and querying of database throughout to confirm correct functionality.
Frameworks
- Django
- Django is a full server-side framework used to build this web app. It is written in python and provides batteries and low-level automation that makes it easier to build a better web app with less code.
Libraries and Packages
- Pip
- The package installer for python used to install packages and libraries.
- Django Allauth
- Used for user authentication along with registration and account management.
Tools
- Visual Studio Code
- This is my IDE of choice for writing my HTML, CSS, JavaScript, and Python code for this project
- Git
- Used for version control.
- GitHub
- Used to store the code in a repository
- Google Developer Tools
- Used to implement google login and verification
- Google Fonts
- Used to get different typefaces and fonts for the project
- Balsamiq Wireframes
- Used for creating wireframes for the project
- Logo Design AI
- Used for creating the site logo