The following screenshots demonstrate the full user journey through every role in the platform.
A visitor can browse all available products without being logged in. The Cart and My Orders buttons are hidden from the navbar, enforcing authentication boundaries.
Any registered customer can upgrade to a Vendor account by providing their store name and description. This is handled by our dedicated
become_vendorview, which atomically setsis_vendor=Trueand creates a linkedVendorprofile.
The Vendor Dashboard shows a fully secure, data-table of all products belonging to only the currently logged-in vendor. The query is filtered server-side using
Product.objects.filter(vendor=request.user.vendor).
Clicking "Edit" on any product opens a pre-filled form backed by
ProductForm(instance=product). Aget_object_or_404guard ensures a vendor can never edit another vendor's products via URL manipulation.
After checkout, all orders are displayed in the "My Orders" page. Each order card shows its status badge, shipping details, itemized list, and the total amount. Pending orders show a Pay with Khalti button.
Clicking "Pay with Khalti" triggers the Khalti SDK flow. Upon user confirmation, the frontend sends a cryptographic token to our DRF endpoint
/api/orders/{id}/verify_khalti/, which performs server-to-server validation and updates the order status toprocessing.
The Django Admin panel provides superusers with full CRUD access over all registered models: Categories, Products, Variants, Vendors, Profiles, Carts, Orders, and Users — all managed through the custom
CustomerUsermodel.






