Building Revela: A Curated Art Auction Platform (Part 1) - Architecture
Building Revela: A Curated Art Auction Platform (Part 1)
Making serious art collecting safer, clearer, and more supported.
The Problem We're Solving
Art collecting online is broken. Buyers worry about authenticity and fraud. Sellers worry about non-payment. Both sides lack trust.
Revela fixes this with a curated ecosystem: verified users, approved artwork, and escrow-based payments with human assistance on every transaction.
Architectural Decisions
1. Event-Driven Order Management
The core of Revela is the OrderOrchestrator—a state machine that handles all order transitions atomically:
// API routes only trigger events
await orderOrchestrator.handleEvent(OrderEvent.SHIPPING_COST_PROVIDED, {
orderId,
shippingCost: input.shippingCost,
trackingCompany: input.trackingCompany
});
API endpoints never update state directly. This ensures:
- Consistent state transitions
- Audit trail of all events
- Easy testing of business logic
- No race conditions
2. Date-Based Status Detection
Auction status isn't stored in the database—it's computed from dates:
function getAuctionStatus(auction: Auction): AuctionStatus {
const now = new Date();
if (now < auction.startDate) return 'scheduled';
if (now <= auction.endDate) return 'active';
return 'ended';
}
Single source of truth. No sync issues. No stale data.
3. API-First Authorization
Server-side JWT validates all authorization. The client's useAuth hook is only for UI state:
// Server: Always verify
const user = await verifyJWT(request);
if (!user || !user.isVerified) {
return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
}
// Client: UI state only
const { user, isAuthenticated } = useAuth();
return isAuthenticated ? <Dashboard /> : <LoginPrompt />;
Never trust the client for security decisions.
4. Stateless Sessions
JWT in localStorage. No cookies. No CSRF attack surface:
// No cookies = no CSRF
const token = localStorage.getItem('auth_token');
fetch('/api/protected', {
headers: { 'Authorization': `Bearer ${token}` }
});
Trade-off: XSS becomes more critical. Solution: strict CSP headers.
The Dual-Approval Workflow
User Verification
Registration → Identity Documents → Admin Review → Verified
Users upload front/back of ID document. Admin manually reviews. Only verified users can bid.
Artwork Approval
Submission → Quality Review → Admin Approval → Listed
Sellers submit artwork for review. Admin approves for auction. Maintains platform quality.
Tech Stack
| Layer | Technology |
|---|---|
| Framework | Next.js 15 (App Router) |
| Database | PostgreSQL + Prisma |
| Auth | JWT (no cookies) |
| State | Zustand |
| Payments | Stripe (escrow) |
| i18n | i18next (EN/FR) |
| Testing | Vitest + Playwright |
What's Next
In Part 2, we'll dive into the escrow payment flow: how we handle the 10-state order process from auction end to seller payout.
Follow the series:
- Part 1: Architecture (this post)
- Part 2: Payment & Escrow Flow (coming Feb 14)
- Part 3: Real-Time Bidding (coming Feb 21)
- Part 4: Identity Verification (coming Feb 28)
Check it out: revela.club