Feb 2026 — Present · Web App
Seller-first digital storefront for digital products. Full commerce flow from product creation to checkout, fulfillment, buyer access, refunds, and seller payouts.
Visit StashQArchitecture
Next.js App Router with TypeScript. Supabase for auth and PostgreSQL with row-level security. S3-compatible storage for files. Razorpay for payments. Tailwind CSS and shadcn/ui for the frontend.
Multi-step onboarding: identity, store URL, logo upload with cropping, about content, support email, social links. Username normalization and availability checks. Draft saves so sellers can finish later. Public store pages with profile, branding, and product display.
Multi-step editor for product details, description with rich text, media uploads, thumbnails, pricing, licensing, refund policy, and publish state. Products can be drafts. Server-side parsing and normalization. Publish validation before going live.
Browser chunks files and uploads parts concurrently using presigned URLs. Server creates upload sessions, tracks uploaded parts, handles completion. Local resumable session persistence so interrupted uploads can resume. The application server never receives file bytes — it only signs URLs.
Payment order creation, Razorpay signature verification server-side, idempotent purchase creation after successful payment. Duplicate webhooks don't create duplicate purchases. Post-purchase access links issued. Seller notifications queued.
Protected file download routes that verify buyer/seller/guest access, create signed object URLs with short expiry, and track download events. Public preview files separate from protected delivery files. Guest buyers access through email-based tokens.
Seller payout overview, setup flows backed by Razorpay linked accounts, payout release logic from eligible earnings into batches, provider transfer execution with processing/completed/failed states, retry handling, and seller notifications.
Buyer-created refund requests, seller review with threaded messaging, approval/decline/close/expiry states, provider refund execution, ledger voiding after approved refunds. Eligibility depends on product policy, refund windows, and payment status.
Account settings for identity, storage, payout, subscription, security, notifications, billing. Session/device tracking with user agent parsing, IP metadata, current-session tracking. MFA-related account surfaces.
Job routes for payout release, refund request expiry, email event processing, and operational cleanup. Email event queueing with retry processing. Cleanup helpers for stale data and access tokens.
Technologies