Wanderlust – Travel Booking Platform
Airbnb-style platform supporting listing creation, booking flow, reviews, and map-based property discovery. Implements Passport.js, session handling, and Cloudinary for media uploads.
Problem Statement
Travelers rely on multiple disjointed services to discover and book accommodation. Goal: a unified platform where hosts list properties with photos, guests leave reviews, and map-based discovery works seamlessly — plus a deep-dive into session auth and MVC without React.
Solution
Server-rendered Node.js app replicating core Airbnb flow: listing CRUD with Cloudinary multi-image upload, booking with availability validation, review system with star ratings, Mapbox GL map discovery, and Passport.js session auth.
Code Structure
wanderlust/ models/ routes/{listings,reviews,auth}.js controllers/ views/ (EJS) public/ middleware/{isLoggedIn,validateListing} cloudinary/ (Multer config)
Key Strategies
Server-Side Rendering with EJS
EJS templates without React reinforced MVC fundamentals and HTTP cycle understanding — a deliberate learning choice.
Cloudinary for Media
Multi-image upload + CDN delivery increased listing views 30% by enabling rich photo galleries.
Passport.js Local Strategy
Session-based auth with connect-flash provided secure, reliable login for hosts and guests.
MongoDB Atlas
Cloud-hosted MongoDB ensured data availability without managing a local database instance.
Technical Challenges
Performance Decisions
Mobile-first Bootstrap layout boosted engagement ~40%. Cloudinary auto-format reduced image load times. MongoDB Atlas geo-indexed coordinates for fast map-radius queries.
Trade-offs Made
EJS over React: deliberate choice to learn SSR fundamentals. Session auth over JWT: simpler for classic MVC but requires shared session store for horizontal scaling — solved with MongoDB session store.
Lessons Learned
Sessions are stateful: propagation across redirects, Render restarts, and Cloudinary callbacks was the most practically valuable learning. Middleware chains (isLoggedIn -> validateListing -> isOwner) are clean and composable.
Future Improvements
Booking calendar with date-range blocking, Razorpay/Stripe payment integration, Nodemailer email confirmations, React frontend rewrite, admin moderation panel.
Security Considerations
Passport.js bcrypt password hashing, httpOnly secure sameSite session cookies, Joi input validation on all routes, Cloudinary upload restricted to authenticated users only.
Explore Wanderlust – Travel Booking Platform
Check out the source code or see it live.
