Project Structure

Understanding the codebase structure:
sora-digital-photo-frame/
├── documentation/           # Technical specifications
├── server/                  # Node.js backend
│   ├── controllers/         # Business logic
│   ├── middleware/          # Express middleware
│   ├── routes/             # API endpoints
│   ├── public/             # Frontend files
│   ├── uploads/            # Image storage
│   └── server.js           # Main entry point
└── README.md

Data Flow

1. Client Request: Browser sends request to Express server
2. Middleware Processing: Authentication, validation, and logging middleware process request
3. Route Handler: Specific route handler processes business logic
4. File Operations: File system operations or image processing as needed
5. Response: JSON response sent back to client

Security Architecture

Admin Access Control
  • Password-based admin authentication
  • Session-based authorization
  • Protected admin endpoints
  • Secure file upload validation
File Security
  • File type validation
  • Size limits enforcement
  • Path traversal protection
  • Malicious file detection
Input Validation
  • Request parameter sanitization
  • File upload validation
  • SQL injection prevention (though no SQL used)
  • XSS protection in admin panel
Environment Security
  • Environment variable configuration
  • Secure defaults
  • Error information hiding in production
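
One way the File Security items above (file type validation, size limits, path traversal protection) can fit together for files written under `uploads/`. This is an added example, not the project's own code; the storage root, the 10 MB limit, the JPEG/PNG allow-list and all function names are assumptions.

```javascript
const path = require('node:path');

// Assumptions for this example: storage root, size limit and allowed formats.
const UPLOAD_ROOT = path.resolve('/srv/photo-frame/server/uploads');
const MAX_BYTES = 10 * 1024 * 1024;
const SIGNATURES = {
  jpg: [0xff, 0xd8, 0xff],
  png: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a],
};

// File type validation: trust the leading bytes, not the client's extension.
function sniffImageType(buf) {
  for (const [ext, sig] of Object.entries(SIGNATURES)) {
    if (buf.length >= sig.length && sig.every((b, i) => buf[i] === b)) return ext;
  }
  return null;
}

// Path traversal protection: resolve, then require the result to stay under the root.
function resolveInsideUploads(relPath) {
  if (typeof relPath !== 'string' || relPath.includes('\0')) return null;
  const target = path.resolve(UPLOAD_ROOT, relPath);
  const rel = path.relative(UPLOAD_ROOT, target);
  const escapes = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  return rel === '' || escapes ? null : target;
}

// Returns { ok: true, dest } or { ok: false, reason } for one uploaded file.
function validateUpload(folder, clientName, buf) {
  if (typeof folder !== 'string' || typeof clientName !== 'string') {
    return { ok: false, reason: 'path' };
  }
  if (buf.length === 0 || buf.length > MAX_BYTES) return { ok: false, reason: 'size' };
  const ext = sniffImageType(buf);
  if (!ext) return { ok: false, reason: 'type' };
  // Keep only the last name component, drop its extension, restrict the character set.
  const stem = path.basename(clientName.replace(/\\/g, '/'))
    .replace(/\.[^.]*$/, '')
    .replace(/[^A-Za-z0-9_-]/g, '_') || 'image';
  const dest = resolveInsideUploads(path.join(folder, `${stem}.${ext}`));
  return dest ? { ok: true, dest } : { ok: false, reason: 'path' };
}

// Constructed sample inputs: header bytes only, not real images.
const SAMPLE_JPEG = Buffer.from([0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10]);
const SAMPLE_SCRIPT = Buffer.from('<?php echo 1; ?>');
console.log(validateUpload('vacation', 'beach photo.JPG', SAMPLE_JPEG));
console.log(validateUpload('../../etc', 'beach.jpg', SAMPLE_JPEG));
console.log(validateUpload('vacation', 'shell.jpg', SAMPLE_SCRIPT));
```

A signature match only shows that the header looks like an image; fully decoding the file before it is served is a stricter check.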

Technology Stack

Backend Technologies

  • Runtime: Node.js 18+
  • Framework: Express.js
  • Image Processing: Sharp
  • File Handling: Native Node.js fs

Frontend Technologies

  • JavaScript: Vanilla ES6+
  • CSS: CSS3 with Custom Properties
  • Design: Material Design
  • Build: No build system (vanilla approach)