
PlayItNow

Pierre-Yves Léglise
Posted under Projects

Entertainment SaaS for live shows

Modern and Secure Technical Architecture

PlayItNow is a SaaS application built with React 18 and TypeScript. It uses Vite as the build tool, Tailwind CSS 4 for styling, and Fastify with MongoDB for the backend. The focus has been on security and user experience.

Technical Stack

Frontend:

  • React 18 + TypeScript
  • Vite for build and development
  • Tailwind CSS 4 with custom theme system
  • PWA (Progressive Web App) installable on mobile
  • React Router DOM for navigation
  • Context API for global state management
  • FontAwesome for icons

Backend:

  • Fastify (high-performance HTTP framework)
  • MongoDB with Mongoose (ODM)
  • Zod for schema validation
  • JWT with refresh tokens and session rotation
  • CSRF protection with hashed tokens

Security and Authentication

The authentication process follows the latest security recommendations:

  • JWT with access token (short-lived) and refresh token (long-lived)
  • httpOnly cookies to securely store tokens
  • CSRF protection with server-side validation
  • Multi-tenant isolation: all data is isolated by band (bandId)
  • Role-based access control: fans, bands, superadmin with granular permissions
  • Client-side fingerprinting to prevent vote fraud
  • Image proxy to bypass CSP restrictions while maintaining security

Main Features

For Music Bands:

  • Concert venue management
  • Event/concert creation and management
  • Reusable global song library
  • QR code generation for event sharing
  • Real-time live dashboard with vote rankings
  • Band member management (invitations, owner promotion)
  • Real-time marking of played songs
  • Control over ranking visibility (blind vote mode)

For Spectators:

  • Intuitive public voting interface
  • Anonymous or user account identification
  • Real-time ranking of most voted songs
  • Event sharing via QR code
  • Installable PWA on mobile
  • Multilingual support (FR, EN, ES)

Advanced Features:

  • Anti-fraud system with fingerprinting and vote limitations
  • Copy song lists between events
  • Automatic alphabetical sorting of songs
  • Tiebreaker management (chronological or manual)
  • Fullscreen mode for live dashboard
  • Dark mode with toggle
  • Responsive design for all screen sizes

Multi-Tenant Architecture

The application is designed to completely isolate each band’s data. All backend requests automatically filter by bandId, ensuring that a band can only access its own data.
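One way to enforce this kind of per-band filtering, as an added example that is not PlayItNow's own code: the tenant key comes only from the verified session, and any client filter that names a band or carries a query operator is rejected. The names `scopedFilter`, `findForBand`, `Session` and `Song` are hypothetical, and a constructed in-memory array stands in for the MongoDB collection.

```typescript
// Added illustration: all names are hypothetical, data is constructed.
type Filter = Record<string, unknown>;
type Session = { userId: string; bandId: string };
type Song = { _id: string; bandId: string; title: string };

// Constructed sample data: two bands that both have a song called "Encore".
const SONGS: Song[] = [
  { _id: "s1", bandId: "band-A", title: "Opening" },
  { _id: "s2", bandId: "band-A", title: "Encore" },
  { _id: "s3", bandId: "band-B", title: "Encore" },
  { _id: "s4", bandId: "band-B", title: "Secret set" },
];

// Build the effective query filter. The tenant key is taken from the
// server-verified session only; the client can narrow within its own band
// but can never name a band or widen the query.
function scopedFilter(session: Session, clientFilter: Filter): Filter {
  if (!session.bandId) throw new Error("session has no bandId");
  for (const [key, value] of Object.entries(clientFilter)) {
    // No client-chosen tenant, no top-level operators ($or, $where, ...).
    if (key === "bandId" || key.startsWith("$")) {
      throw new Error(`filter key not allowed: ${key}`);
    }
    // Plain values only: an object such as { $ne: null } is an operator.
    if (typeof value === "object" && value !== null) {
      throw new Error(`filter value for ${key} must be a primitive`);
    }
  }
  return { ...clientFilter, bandId: session.bandId };
}

// Equality match over the in-memory array, standing in for a find() call.
function findForBand(session: Session, clientFilter: Filter): Song[] {
  const filter = scopedFilter(session, clientFilter);
  return SONGS.filter((doc) => {
    const fields: Record<string, unknown> = doc;
    return Object.entries(filter).every(([k, v]) => fields[k] === v);
  });
}
```

Routing every read and write through a single helper like this makes a missing tenant filter a code-review finding in one place rather than a per-route risk.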

GDPR Compliance

  • Personal data export (implementation in progress)
  • Complete privacy policy
  • Legal notices
  • Cookie policy with consent banner
  • Separate terms of service for bands and public
  • Right to be forgotten (account deletion)

Used in production since Nov. 2025.

Last update: v1.0.1 – November 2025

Resources:

Web app address: https://app.playitnow.live
