Digital products Ecommerce
A full-featured commerce platform: a rich product editor (Tiptap WYSIWYG), email marketing (AWS SES), rate limiting (Upstash), analytics, and Sentry error tracking. Built on Next.js 16 with Firebase Firestore and Moyasar for payments.
This is the platform you are looking at now: a production storefront where a studio sells digital products — courses, templates, assets — beside its physical services. Multiple sellers, a what-you-see-is-what-you-get editor, automated receipts and email, live analytics, and a Moyasar checkout that confirms every payment by verified webhook.
What it solves
- A studio has nowhere to sell digital products — courses, templates, assets — beside its physical services under one roof.
- Revenue and operations live in spreadsheets, with no single dashboard for analytics, orders, and products.
- Order confirmations and download links go out by hand instead of automatically.
- Payments need a trusted gateway with verified webhooks and fraud checks, not a patchwork of methods.
Impact
Vendor management
Rich product descriptions
Powered by AWS SES
Architecture
Data flow
- Browse products (/[locale]/shop)
- Add to cart (Zustand + localStorage)
- Checkout → Firestore order (pending)
- /api/checkout → Moyasar payment form
- Payment → Moyasar webhook (HMAC verified) → order paid
- AWS SES: receipt + signed download link
- Download → token validated → Firebase Storage serves file
- Admin dashboard: revenue, orders, product CRUD
Engineering decisions
Multi-seller vendor support
Firestore collections are scoped by seller UID; admins see all orders while each user sees only their own.
Tiptap for rich blog & product descriptions
A WYSIWYG editor preserves formatting without custom parsing, so merchants author rich content directly.
Signed, time-limited download URLs
Token-based access via Firebase Cloud Functions verifies the signature before serving any digital asset.
Moyasar webhook security (HMAC-SHA256)
Every payment webhook is verified with HMAC-SHA256 before the order status changes, reducing fraud.
Bilingual locale-scoped routes
[locale]/shop and [locale]/admin; middleware enforces the locale with a fallback to user preference.
Gallery
