I'm diving into e-commerce development and have hit a pivotal point. I feel comfortable with front-end tasks like creating the add-to-cart feature and managing the shopping cart. Now, I'm looking to secure my e-commerce store. I've read that some elements, like cart contents and product prices, shouldn't be solely managed on the client side because users could manipulate them with tools like DevTools.
I need advice on a couple of key points:
1. Should I learn Node.js to ensure a secure e-commerce environment? If so, how in-depth should my knowledge be to prevent users from altering prices or quantities before checkout? How long would it realistically take to get a good grasp, given my solid background in JavaScript?
2. Is it more practical to consider a Backend as a Service (BaaS) option instead of building a complete back-end system?
I appreciate any insights or experiences from those who have transitioned from front-end-only development to creating a more secure online store. Thanks!
1 Answer
It's crucial to ensure your e-commerce site isn't your very first production project. Instead of building everything from scratch, consider leasing a PCI-compliant cart system to avoid potential risks and liabilities. You're dealing with sensitive information, and managing it from the ground up involves significant responsibility.
Yeah, I want to create my own store, but I'm not keen on using platforms like Shopify or dealing with their fees. I'm set on building the front-end myself as I can handle the cart and product management. My main hang-up is making sure no one can mess with prices before checkout. Plus, I want to use payment options like Stripe or PayPal while keeping security tight.