RateMyAccom NSW

Student accommodation reviews for NSW universities - Find the perfect place to live while studying in New South Wales.

A production-ready web application for rating and reviewing student accommodations across NSW universities. Built with security, accessibility, and user experience as top priorities.

Features

Core Features

Student-Verified Reviews: Only verified university students can submit reviews
Comprehensive Ratings: Multi-dimensional ratings covering cleanliness, location, value, amenities, management, and safety
Advanced Search: Filter accommodations by university, location, price range, and amenities
Responsive Design: Optimized for desktop, tablet, and mobile devices

Security Features

Input Validation & Sanitization: XSS, SQL injection, and path traversal protection
CSRF Protection: Token-based protection for all state-changing requests
Rate Limiting: Prevents spam and abuse with configurable limits
Security Headers: CSP, HSTS, X-Frame-Options, and more
Student Data Privacy: Email verification and minimal data collection

Code Quality

TypeScript Strict Mode: Enhanced type safety with comprehensive type definitions
Automated Testing: Jest + React Testing Library with 70%+ coverage
ESLint + Prettier: Enforced code style and best practices
Pre-commit Hooks: Husky + lint-staged for quality gates
Error Boundaries: Graceful error handling throughout the app

Tech Stack

Framework: Next.js 14 with App Router
Language: TypeScript 5 (strict mode)
Styling: Tailwind CSS
State Management: Zustand + TanStack Query
Forms: React Hook Form + Zod validation
Testing: Jest + React Testing Library
Security: CSRF protection, rate limiting, input sanitization
Code Quality: ESLint, Prettier, Husky

Project Structure

ratemyaccom/
├── app/                          # Next.js App Router pages
│   ├── accommodation/[slug]/     # Dynamic accommodation detail pages
│   ├── layout.tsx               # Root layout with header/footer
│   ├── page.tsx                 # Landing page
│   └── globals.css              # Global styles and Tailwind directives
├── components/
│   ├── accommodations/          # Accommodation-related components
│   │   ├── AccommodationCard.tsx
│   │   └── FeaturedGrid.tsx
│   ├── forms/                   # Form components
│   │   └── ReviewForm.tsx
│   ├── reviews/                 # Review-related components
│   │   ├── ReviewCard.tsx
│   │   └── RatingBreakdown.tsx
│   └── ui/                      # General UI components
│       ├── Header.tsx
│       ├── Hero.tsx
│       └── SearchBar.tsx
├── lib/
│   ├── auth/                    # Authentication utilities (future)
│   ├── database/                # Database utilities (future)
│   ├── utils/                   # Helper functions
│   └── data/
│       └── placeholder.ts       # Sample data for demonstration
├── types/
│   └── index.ts                 # TypeScript type definitions
└── public/                      # Static assets

Getting Started

Prerequisites

Node.js 18+
npm or yarn

Installation

Install dependencies:

npm install

Run the development server:

npm run dev

Open http://localhost:3000 in your browser

Available Scripts

# Development
npm run dev          # Start development server
npm run build        # Build for production
npm run start        # Start production server

# Code Quality
npm run lint         # Run ESLint
npm run lint:fix     # Fix ESLint errors
npm run format       # Format code with Prettier
npm run format:check # Check code formatting
npm run type-check   # Run TypeScript compiler checks

# Testing
npm run test         # Run tests
npm run test:watch   # Run tests in watch mode
npm run test:coverage # Run tests with coverage report

Key Components

Landing Page

Hero section with value proposition
Search bar for filtering by university/location
Featured accommodations grid
Benefits section

Accommodation Detail Page

Comprehensive accommodation information
Rating breakdown by category (cleanliness, location, value, amenities, management, safety)
Student reviews with pros/cons
Review submission form
Contact information and pricing

TypeScript Interfaces

The project uses strongly-typed interfaces for:

Accommodation - Property details, location, amenities, pricing
Review - User reviews with ratings and feedback
User - User profiles with university affiliation
RatingBreakdown - Category-specific ratings
SearchFilters - Search and filter parameters

Styling

The project uses Tailwind CSS with a custom color scheme:

Primary: Blue tones for main actions and branding
Secondary: Purple accents for highlights
Accent: Green for success states and verified badges

Custom utility classes include:

.btn, .btn-primary, .btn-secondary, .btn-outline - Button styles
.card - Card container with shadow
.input - Form input styling
.badge - Status badges

Sample Data

The project includes placeholder data for 4 NSW accommodations:

UNSW Village (Kensington)
UniLodge on Broadway (Ultimo)
Macquarie University Village (North Ryde)
Urbanest Darlington (Darlington)

Each includes realistic pricing, amenities, and student reviews.

Deployment

Quick Deploy to Vercel

Manual Deployment

Install Vercel CLI
```
npm install -g vercel
```
Deploy to Staging
```
npm run deploy:staging
```
Deploy to Production
```
npm run deploy:production
```

For detailed deployment instructions, see DEPLOYMENT.md

For pre-deployment checklist, see DEPLOYMENT_CHECKLIST.md

Environment Setup

Copy environment template:
```
cp .env.example .env.local
```
Configure your environment variables (see .env.example for required variables)
Set up database:
```
npm run db:migrate
npm run db:seed
```

Production Features

Implemented

✅ Vercel deployment configuration
✅ Security headers and CSP
✅ API rate limiting
✅ Database connection pooling
✅ Error tracking ready (Sentry)
✅ Analytics (Vercel Analytics & Speed Insights)
✅ SEO optimization
✅ Performance monitoring
✅ Automated deployments (CI/CD)

API Endpoints

GET /api/accommodations - List accommodations with filtering
GET /api/accommodations/[id] - Get single accommodation
GET /api/reviews?accommodationId=xxx - Get reviews for accommodation
POST /api/reviews - Submit new review
GET /api/health - Health check endpoint

Monitoring & Analytics

Vercel Analytics: Real-time visitor analytics
Speed Insights: Core Web Vitals monitoring
Error Tracking: Sentry integration ready
Logs: Real-time deployment logs via Vercel

Security

Comprehensive Security Implementation

Input Validation & Sanitization

All user inputs are validated using Zod schemas and sanitized to prevent:

XSS attacks
SQL injection
Path traversal
Script injection

// Example: Review submission validation
const reviewSchema = z.object({
  title: z.string().min(10).max(100),
  text: z.string().min(50).max(2000).refine(/* XSS check */),
  rating: z.number().min(1).max(5),
});

CSRF Protection

All state-changing requests require valid CSRF tokens:

// Automatically handled by API client
api.post('/reviews', reviewData); // CSRF token added automatically

Rate Limiting

Endpoints are protected with rate limiting:

Auth endpoints: 5 requests per 15 minutes
Review submissions: 3 reviews per 24 hours
Search: 60 requests per minute
General API: 100 requests per minute

Security Headers

Content Security Policy (CSP)
Strict-Transport-Security (HSTS)
X-Frame-Options (clickjacking protection)
X-Content-Type-Options (MIME sniffing protection)
X-XSS-Protection
Referrer-Policy

Authentication & Authorization

Student email verification (NSW universities only)
Bcrypt password hashing
JWT-based session management
Role-based access control

Data Privacy

We take student data protection seriously:

Email Verification: Students must verify their university email
Password Security: Strong password requirements enforced
Data Minimization: Only collect necessary information
User Control: Students can delete their reviews and account
No Third-Party Tracking: No analytics or tracking by default

Future Enhancements

User authentication and authorization (NextAuth.js ready)
Database integration (PostgreSQL migrations ready)
Image upload and gallery (AWS S3/Cloudinary ready)
Advanced search and filtering
Review voting system
Admin dashboard
Email notifications (SendGrid configured)
Map integration for locations (Google Maps API ready)
Comparison tool for accommodations
Mobile app version

Performance

Static site generation (SSG) for accommodation pages
Image optimization via Next.js Image component
Code splitting and lazy loading
Edge caching via Vercel CDN
Optimized bundle size
Server-side rendering where needed

Testing

Running Tests

# Run all tests
npm test

# Run tests in watch mode
npm run test:watch

# Generate coverage report
npm run test:coverage

Writing Tests

Tests use Jest and React Testing Library:

import { render, screen } from '@/__tests__/utils/test-utils';
import { AccommodationCard } from '@/components/accommodations/AccommodationCard';

describe('AccommodationCard', () => {
  it('renders accommodation details', () => {
    render(<AccommodationCard accommodation={mockAccommodation} />);
    expect(screen.getByText('Test Accommodation')).toBeInTheDocument();
  });
});

Coverage Requirements

Statements: 70%
Branches: 70%
Functions: 70%
Lines: 70%

Accessibility

RateMyAccom is built with accessibility in mind:

Semantic HTML elements
ARIA labels and roles
Keyboard navigation support
Screen reader compatibility
Color contrast compliance (WCAG AA)
Focus management

Contributing

How to Contribute

Fork the repository
Create a feature branch (git checkout -b feature/amazing-feature)
Commit your changes (git commit -m 'Add amazing feature')
Push to the branch (git push origin feature/amazing-feature)
Open a Pull Request

Code Standards

Follow the TypeScript style guide
Write tests for new features
Ensure all tests pass (npm test)
Run linting (npm run lint)
Format code (npm run format)
Maintain test coverage above 70%

Pre-commit Checks

The following checks run automatically before each commit:

ESLint (auto-fix enabled)
Prettier formatting
TypeScript type checking
Test suite

Support

For deployment issues, see:

License

MIT License - feel free to use this as a template for your own projects.

Name		Name	Last commit message	Last commit date
Latest commit History 131 Commits
.claude/agents		.claude/agents
.github/workflows		.github/workflows
.husky		.husky
.playwright-mcp		.playwright-mcp
__tests__		__tests__
app		app
components		components
e2e		e2e
hooks		hooks
lib		lib
playwright-report		playwright-report
prisma		prisma
providers		providers
public		public
scripts		scripts
test-results		test-results
tests		tests
types		types
vitest		vitest
.env.example		.env.example
.env.example.backend		.env.example.backend
.env.production.example		.env.production.example
.eslintrc.json		.eslintrc.json
.gitignore		.gitignore
.prettierignore		.prettierignore
.prettierrc.json		.prettierrc.json
.vercelignore		.vercelignore
ACCOUNT_LOCKOUT.md		ACCOUNT_LOCKOUT.md
API_ROUTES_UPDATE_SUMMARY.md		API_ROUTES_UPDATE_SUMMARY.md
AUDIT_LOGGING.md		AUDIT_LOGGING.md
BACKEND_ARCHITECTURE.md		BACKEND_ARCHITECTURE.md
BACKEND_IMPLEMENTATION_GUIDE.md		BACKEND_IMPLEMENTATION_GUIDE.md
BACKEND_SUMMARY.md		BACKEND_SUMMARY.md
BACKEND_TESTING_SUMMARY.md		BACKEND_TESTING_SUMMARY.md
CLAUDE.md		CLAUDE.md
CSRF_PROTECTION.md		CSRF_PROTECTION.md
DATABASE_SETUP_GUIDE.md		DATABASE_SETUP_GUIDE.md
DEPLOYMENT.md		DEPLOYMENT.md
DEPLOYMENT_CHECKLIST.md		DEPLOYMENT_CHECKLIST.md
ENHANCED_RATE_LIMITING.md		ENHANCED_RATE_LIMITING.md
IMPLEMENTATION_CHECKLIST.md		IMPLEMENTATION_CHECKLIST.md
IMPROVEMENTS_SUMMARY.md		IMPROVEMENTS_SUMMARY.md
KAN-10-TODO.md		KAN-10-TODO.md
KAN-11-TODO.md		KAN-11-TODO.md
KAN-12-TODO.md		KAN-12-TODO.md
KAN-13-TODO.md		KAN-13-TODO.md
KAN-14-TODO.md		KAN-14-TODO.md
KAN-15-TODO.md		KAN-15-TODO.md
KAN-16-TODO.md		KAN-16-TODO.md
KAN-17-TODO.md		KAN-17-TODO.md
KAN-18-TODO.md		KAN-18-TODO.md
KAN-19-TODO.md		KAN-19-TODO.md
KAN-20-TODO.md		KAN-20-TODO.md
KAN-21-TODO.md		KAN-21-TODO.md
KAN-22-TODO.md		KAN-22-TODO.md
KAN-23-TODO.md		KAN-23-TODO.md
KAN-24-TODO.md		KAN-24-TODO.md
KAN-25-TODO.md		KAN-25-TODO.md
KAN-26-TODO.md		KAN-26-TODO.md
KAN-27-TODO.md		KAN-27-TODO.md
KAN-28-TODO.md		KAN-28-TODO.md
KAN-5-TODO.md		KAN-5-TODO.md
KAN-6-TODO.md		KAN-6-TODO.md
KAN-7-TODO.md		KAN-7-TODO.md
KAN-8-TODO.md		KAN-8-TODO.md
KAN-9-TODO.md		KAN-9-TODO.md
MODAL_LIST_IMPLEMENTATION.md		MODAL_LIST_IMPLEMENTATION.md
QUICKSTART_DEPLOY.md		QUICKSTART_DEPLOY.md
QUICK_START.md		QUICK_START.md
README.md		README.md
SCRAPER_FIX_SUMMARY.md		SCRAPER_FIX_SUMMARY.md
SCRAPER_IMPLEMENTATION_SUMMARY.md		SCRAPER_IMPLEMENTATION_SUMMARY.md
SCRAPER_QUICK_START.md		SCRAPER_QUICK_START.md
SUPPORT_PAGE_SUMMARY.md		SUPPORT_PAGE_SUMMARY.md
SUPPORT_PAGE_TEST_REPORT.md		SUPPORT_PAGE_TEST_REPORT.md
SUPPORT_TABS_TEST_REPORT.md		SUPPORT_TABS_TEST_REPORT.md
TESTING.md		TESTING.md
TEST_REPORT.md		TEST_REPORT.md
WEB_SCRAPER_INSTRUCTIONS.md		WEB_SCRAPER_INSTRUCTIONS.md
about-page-cta-section.png		about-page-cta-section.png
about-page-feature-card-hover.png		about-page-feature-card-hover.png
about-page-features-grid.png		about-page-features-grid.png
about-page-full.png		about-page-full.png
about-page-hero-section.png		about-page-hero-section.png
about-page-mission-card.png		about-page-mission-card.png
about-page-navigation.png		about-page-navigation.png
about-page-story-section.png		about-page-story-section.png
about-page-values-section.png		about-page-values-section.png
components.json		components.json
jest.config.js		jest.config.js
jest.setup.js		jest.setup.js
middleware.ts		middleware.ts
next.config.js		next.config.js
package-lock.json		package-lock.json
package.json		package.json
playwright.config.ts		playwright.config.ts
postcss.config.js		postcss.config.js
tailwind.config.ts		tailwind.config.ts
test-support-page.ts		test-support-page.ts
tsconfig.json		tsconfig.json

Folders and files

Latest commit

History

Repository files navigation

RateMyAccom NSW

Features

Core Features

Security Features

Code Quality

Tech Stack

Project Structure

Getting Started

Prerequisites

Installation

Available Scripts

Key Components

Landing Page

Accommodation Detail Page

TypeScript Interfaces

Styling

Sample Data

Deployment

Quick Deploy to Vercel

Manual Deployment

Environment Setup

Production Features

Implemented

API Endpoints

Monitoring & Analytics

Security

Comprehensive Security Implementation

Input Validation & Sanitization

CSRF Protection

Rate Limiting

Security Headers

Authentication & Authorization

Data Privacy

Future Enhancements

Performance

Testing

Running Tests

Writing Tests

Coverage Requirements

Accessibility

Contributing

How to Contribute

Code Standards

Pre-commit Checks

Support

License

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages