This is a Next.js platform created by SSbit01 where users can create polls and everyone can vote in them. It uses a MongoDB Atlas database to store users and polls.
This platform has many security vulnerabilities. This is just a simple personal project that was made a long time ago. Please use it for simple tasks. Go to vulnerabilities.
MONGO_URI: MongoDB URI stringCOOKIE_NAME: e.g. voting-app_cookieCOOKIE_PASSWORD: complex password at least 32 characters long
Remember to install local packages, I used pnpm package manager in this project, but of course you can use any other package manager like npm or yarn.
This project works like any other Next.js project. The following scripts can be found in the package.json file and refer to the different development stages.
"dev": "next dev",
"build": "next build",
"start": "next start",
"lint": "next lint"- User ID is exposed to the client.
- The user name is stored in the cookie but it doesn't get updated if another session changes it.
- GLOBAL
- Solve the vulnerabilities and known issues
- Hash the password on the client side and send the result to the server to verify it. Doing this the server doesn't know the user's password.
- Try to cache SWR results in
localStorage. See Persistent Cache
/components/Poll.tsx- Simplify Structure: use multiple contexts
/pages/api/voted.ts- Sort the results according to when each vote was added, not by poll id
/pages/api/user/[id].ts- Remove this path. Replace it with just
/pages/api/user
- Remove this path. Replace it with just