Carter's Project

Carter’s – Headless SFCC (PWA Kit)

Technical Achievement: Custom Cartridge Logic

Developed and maintained a headless storefront using PWA Kit. Implemented complex API integrations (OCAPI / SCAPI / SLAS) and payment solutions. Improved frontend performance and overall user experience.

Enterprise Checkout Optimization Integrated multiple payment methods (PayPal, Apple Pay, AfterPay). Enhanced checkout flow and reduced friction points. Contributed to improved conversion rates and checkout completion.

// Example of a Controller customization
'use strict';

/**
 * @module hooks/onRequest
 * Demonstrates SLAS (Shopper Login & API Access Service) integration 
 * within the Salesforce Commerce Cloud request lifecycle.
 */

var Status = require('dw/system/Status');
var Logger = require('dw/system/Logger').getLogger('SLAS', 'auth');

/**
 * onRequest hook: Executed before any controller action.
 * Useful for validating Headless Shopper JWTs (SLAS).
 */
exports.onRequest = function () {
    var request = dw.system.Request;
    
    // 1. Check if the request contains a SLAS Shopper JWT in the headers
    // Usually passed as 'Authorization: Bearer <JWT>'
    var authHeader = request.httpHeaders.get('authorization');
    
    if (authHeader && authHeader.indexOf('Bearer ') === 0) {
        var slasToken = authHeader.split('Bearer ')[1];

        try {
            // 2. Validate the SLAS Token (Hypothetical helper or SCAPI call)
            // In a real-world scenario, you might verify the JWT claims 
            // or check against the SLAS Auth Service.
            if (isValidSlasToken(slasToken)) {
                Logger.debug('SLAS Token validated for request: {0}', request.httpPath);
                
                // You could optionally set the session to recognized/authenticated
                // session.setCustomer(customerFromSlas); 
                
                return new Status(Status.OK);
            }
        } catch (e) {
            Logger.error('SLAS Authentication failed: {0}', e.message);
            // Optional: Redirect to login or return 401
        }
    }

    return new Status(Status.OK);
};

/**
 * Mock helper to simulate SLAS JWT validation
 */
function isValidSlasToken(token) {
    // Logic to decode JWT and check 'exp' (expiration) and 'sub' (subject)
    return !!token && token.length > 0;
}