A hotel management system for a forest retreat hotel
This full stack hotel management system is built to take bookings and payments for a forest retreat hotel in the region of Nunisi in Georgia. The business audience is the hotel owners, and the target audience for the site is travellers seeking a relaxing getaway, whether travelling domestically or internationally. The website was created using custom code written in HTML, CSS, Python, and JavaScript, utilising the full stack framework Django. It is hosted on Heroku with a connected PostgreSQL relational database and provides users with full CRUD functionality.
See DESIGN.md for information on the five planes of UX design, site map, database schema, and features.
See TESTING.md for information on the test driven development of the website, manual and automated testing of the site, bugs encountered, and website analytics.
See DEV.md for an overview of the continuous integration and deployment process, how I set up my development environment, and deployment steps.
User Story ID | As A/An | I Want To Be Able To... | So That I Can... | |
---|---|---|---|---|
Viewing and Navigation | ||||
1 | First Time Visitor | Tell the purpose of the website immediately | Decide whether I want to use the website | |
2 | First Time Visitor | Navigate the website easily and intuitively | I can find the content that I need | |
3 | First Time Visitor | Find out more about the hotel and resort | I can decide whether I would like to visit | |
4 | First Time Visitor | See various services and facilities that the resort offers | Plan my stay there | |
5 | First Time Visitor | See some FAQs | Be well informed | |
6 | First Time Visitor | See the location of the resort | Plan my trip accordingly | |
7 | First Time Visitor | See reviews of guests who have stayed at the resort | Make a well informed decision about travelling | |
8 | First Time Visitor | Know that my interactions on the website have worked | Be sure that the website is responsive | |
9 | First Time Visitor | Be informed if I land on a non-existent or restricted page | Be sure of what happened and be redirected back to the homepage | |
10 | First Time Visitor | Contact the developer | Collaborate on a similar project for my business | |
Registration and User Accounts | ||||
11 | Site User | Have the site content be safe and secure | Know that I am not open to any malicious activities | |
12 | Site User | Easily register for an account | Track my previous purchases | |
13 | Site User | Create an account under my email, rather than create a username | Login quicker in future and not forget my login details | |
14 | Site User | Sign up with my various social media or other accounts | Sign up and log in quicker and easier | |
15 | Site User | Receive an email confirmation after registering | Verify that my account registration was successful | |
16 | Site User | Easily login or logout | Keep my data secure when I use a shared device | |
17 | Site User | Update my password | Keep my account secure over time | |
18 | Site User | Reset my password if I forget it | Continue to access my account | |
19 | Site User | Delete my account if I wish | Retain agency over my information | |
20 | Site User | Sign up to a newsletter | Receive updates and offers for my future trips | |
21 | Site User | Leave a review | Let others know of my experience | |
Sorting and Searching | ||||
22 | Potential Guest | Search for room availability based on how many people will be going and when | See choices that suit my needs | |
23 | Potential Guest | Filter and sort the available rooms | Find the best room for me | |
24 | Potential Guest | Find out more information about the rooms | Be sure I am making the correct choice | |
25 | Potential Guest | See and sort my previous trips | Keep track of them for my records | |
Purchasing and Checkout | ||||
26 | Guest | Book the room through the website | Book easily and conveniently | |
27 | Guest | Easily select dates and number of guests | Ensure I book for the correct number of people on the correct dates | |
28 | Guest | Easily enter my payment information | Check out quickly and with no hassles | |
29 | Guest | Feel my personal and payment information is safe and secure | Confidently provide the needed information to make a purchase. | |
30 | Guest | View an order confirmation after checkout | Verify that I haven't made any mistakes | |
31 | Guest | Receive an email confirmation after checking out | Keep the confirmation of what I've purchased for my records | |
32 | Guest | Be prompted to make an account/login to save this trip to "my trips" if I have booked a trip whilst logged out | To maintain a record of my trips | |
Admin and Store Management | ||||
33 | Business Owner | Be sure that the room availability is updated correctly with each booking and cancellation | Avoid scheduling conflicts | |
34 | Business Owner | Have the payment system easy and secure | Have the rooms paid for | |
35 | Business Owner | See information on user accounts | Adjust my business needs to demand | |
36 | Business Owner | Add, update, and delete rooms on the database | Keep the information on the website current and correct | |
37 | Business Owner | See reviews for user trips | Improve as a business |
.gitignore
One of the security steps taken was to list all sensitive and irrelevant files in the .gitignore file so that they are not uploaded to the public online repository. The entries added to this file were:
Inclusion in .gitignore | Reasoning |
---|---|---|
*.sqlite3 | Prevents SQLite database files from being tracked by GitHub, as they contain local data that is either not relevant to development or potentially sensitive. | |
__pycache__ | Contains files generated by the Python interpreter, which are recreated as needed, so it is excluded from version control to decrease the size and clutter of the repository. | |
venv | It has the virtual environment information including paths and configurations that won't work for other developers or environments. So it was added to .gitignore to reduce redundancy and clutter in the repository. | |
env.py | To hide sensitive information such as… |
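A .gitignore entry only stops untracked files from being added; a file committed before the entry existed stays in the index and in history. The check below is an added example, not part of this project's code: it tests a list of tracked paths against the four patterns in the table. The sample paths, including the `hotel/` directory name, are constructed for illustration.

```python
import fnmatch
import subprocess
from pathlib import PurePosixPath

# The four slash-less patterns from the table above.
IGNORE_PATTERNS = ["*.sqlite3", "__pycache__", "venv", "env.py"]


def tracked_but_ignored(tracked_paths, patterns=IGNORE_PATTERNS):
    """Return {path: pattern} for tracked paths that a pattern should exclude.

    A slash-less .gitignore pattern matches a file or directory name at any
    depth, so each path component is tested. Negation ("!") and patterns
    containing "/" are not handled here.
    """
    hits = {}
    for path in tracked_paths:
        for part in PurePosixPath(path).parts:
            matched = next((p for p in patterns if fnmatch.fnmatchcase(part, p)), None)
            if matched:
                hits[path] = matched
                break
    return hits


def git_tracked_files(repo="."):
    """List files in the index; needs git and a repository at `repo`."""
    out = subprocess.run(
        ["git", "-C", repo, "ls-files", "-z"],
        check=True, capture_output=True, text=True,
    ).stdout
    return [p for p in out.split("\0") if p]


# Constructed sample of `git ls-files` output, not taken from the project.
SAMPLE_TRACKED = [
    "manage.py",
    "db.sqlite3",
    "hotel/__pycache__/views.cpython-311.pyc",
    "hotel/settings.py",
    "env.py",
    "docs/venv-notes.md",
]

if __name__ == "__main__":
    for path, pattern in tracked_but_ignored(SAMPLE_TRACKED).items():
        print(f"{path}: tracked despite '{pattern}'")
```

Any path it reports needs `git rm --cached` to leave the index, and any secret it held should be rotated because it remains in earlier commits.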
Django Allauth
AllAuth is an open source Django package that I used to handle user authentication on the website. It is open source, so it is backed by millions of developers who keep it up to date and secure, providing a key part in the security of this website and data-security of the users who will create user accounts with us. The client ID and secret keys for the social sign-ins are kept in the secure admin dashboard.
Password Security
Django AllAuth uses the password hashing algorithm PBKDF2 to hash passwords before storing them, so they are stored securely and multiple users can have the same password without impacting site security.
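Two users can share a password safely because Django's PBKDF2 hasher stores a random salt with each hash, in the form `pbkdf2_sha256$<iterations>$<salt>$<hash>`. The sketch below is an added example that reproduces that format with the standard library only; it is not Django's or allauth's code, and the iteration count and sample password are assumptions.

```python
import base64
import hashlib
import hmac
import secrets

ITERATIONS = 600_000  # assumed for illustration; Django's default varies by release


def make_password(password, salt=None, iterations=ITERATIONS):
    """Return 'pbkdf2_sha256$<iterations>$<salt>$<base64 digest>'."""
    # token_urlsafe never emits '$', so the salt cannot break the field layout.
    salt = salt or secrets.token_urlsafe(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt.encode(), iterations
    )
    b64 = base64.b64encode(digest).decode("ascii")
    return f"pbkdf2_sha256${iterations}${salt}${b64}"


def check_password(password, encoded):
    """Recompute with the stored salt and cost, then compare in constant time."""
    algorithm, iterations, salt, _ = encoded.split("$", 3)
    if algorithm != "pbkdf2_sha256":
        raise ValueError(f"unsupported hasher: {algorithm}")
    candidate = make_password(password, salt, int(iterations))
    return hmac.compare_digest(candidate, encoded)


def same_password_two_users(password="forest-retreat-2024"):
    """Hash one (constructed) password for two accounts; salts differ."""
    return make_password(password), make_password(password)


if __name__ == "__main__":
    first, second = same_password_two_users()
    print(first)
    print(second)
    print("stored values equal:", first == second)
```

Because the stored values differ, a leaked table does not reveal which accounts share a password, and an attacker has to run the full iteration count for every account separately.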
Email Validation
As a part of Django-allauth, email validation is required to prevent fake accounts, verify ownership of the email address, and reduce phishing risks.
Password confirmation
The signup form requires a confirmation of the password to prevent the user from making a typo.