How To Build a Hotel Management App Using Strapi & Next.js

One of the essential factors in running a hotel is having a well-trained team. Especially today, where electronic booking systems are the norm, making it possible to change room rates and availability while keeping customers updated instantly.


This is a companion discussion topic for the original entry at https://strapi.io/blog/how-to-build-a-hotel-management-app-using-strapi-and-nextjs

I’m a little confused with this article. It uses really bad practices without alerting the reader that it’s just a demo and that you should never do that for real:

  • the solution given to give permission to the “room” API endpoint is to give all permission (read and write) to everyone, meaning anyone can create/delete/update any room while we only need read access
  • passwords are stored in plain text
  • authentication works by getting all the users/password in the browser (so anyone can get the names and passwords of everyone!)

Also, the code on GitHub is only the Next part: it misses the Strapi part.