← BACK TO LEVEL SELECT

🌐 Full-Stack

Shopify Consultation Booking Platform

An embedded Shopify app for booking expert consultations — timezone-correct slot engine, calendar + video sync, idempotent order webhooks, and TTL holds that make double-booking impossible.

Overview

An embedded Shopify app that turns a storefront into a consultation-booking system. The hard parts aren’t the UI — they’re the ones that bite in production: making “9:00 AM” mean the same thing on every server, never confirming the same slot twice, and staying booking-accurate when webhooks arrive late, twice, or out of order. (Shown as a sanitized capability template — no client specifics.)

Architecture

flowchart TD
  A["Storefront<br/>booking calendar"] -->|"signed app proxy"| B["Availability API<br/>slot engine (UTC)"]
  B --> C["Calendar sync<br/>free/busy + working hours"]
  A -->|"select slot"| D["TTL hold<br/>10-min reservation"]
  D --> E["Add to cart<br/>line-item props"]
  E --> F{"order webhook<br/>HMAC + idempotent?"}
  F -->|"slot free"| G["Confirm booking<br/>(Postgres)"]
  F -->|"double-book"| H["Clean 200 + refund log<br/>no retry loop"]
  G --> I["Create meeting event<br/>+ confirmation email"]
  I --> J["Cron reminders<br/>24h / 1h + .ics"]

Engineering decisions

  • Timezone correctness as a property, not a hope — all slot math runs on true UTC instants with wall-clock windows anchored to the shop timezone, so a 9:00 AM local slot surfaces correctly even on a UTC host. Pinned with timezone-explicit unit tests.
  • Double-booking is structurally impossible — a TTL “hold” reservation (10-min expiry, auto-swept) plus a unique slot constraint, and an order webhook that’s HMAC-verified and idempotent on orderId. A race degrades to a clean 200 + a manual-refund log instead of a 5xx retry storm.
  • Two-way calendar integration — creates events with auto-generated video links on confirmation and reads free/busy to block availability; refresh tokens stored encrypted at rest with AES-256-GCM.

Highlights

  • Launch-safe on the platform — GDPR mandatory webhooks, a signed App Proxy for storefront data (no spoofable shop param), and injection-hardened .ics generation.
  • Clean service layer (slots / holds / reminders / export) backed by 11 test suites, with scheduled 24h + 1h reminder emails.