This is a RESTful API for an E-commerce application built with Node.js, Express.js, and MySQL. The API allows for the management of products, categories, and user authentication.
Deployed on Railway.
https://web-production-3594.up.railway.app
- User Registration and Authentication
- CRUD operations for Products and Categories
- Role-based access control (only admins can create, update, and delete products and categories)
- Secure password storage with bcrypt
- Input validation and sanitization
- JWT-based authentication with cookies
- Node.js
- Express.js
- MySQL (XAAMP for local development)
- bcrypt
- JWT
- xss
- Jest (for testing)
- Swagger (OpenAPI) for API documentation
https://web-production-3594.up.railway.app/api-docs
- Node.js (LTS version recommended)
- XAAMP (for MySQL)
-
Clone the repository:
git clone https://github.com/talha-ansarii/E-Commerce-backend.git cd E-Commerce-backend -
Install dependencies:
npm install
-
Set up environment variables: Create a
.envfile in the root directory and add the following:PORT=3000 DB_HOST="YOUR DB HOST" DB_USER="YOUR DB USERNAME" DB_PASSWORD="YOUR DB PASSWORD" DB_NAME="YOUR DB NAME" JWT_SECRET="YOUR JWT SECRET" NODE_ENV=development/production
-
Set up the MySQL database using XAAMP:
- Start XAAMP and create a database named
ecommerce. - Import the SQL script provided in the
schema.sqlfile to create the necessary tables.
- Start XAAMP and create a database named
-
Run the server:
npm start
The API will be available at http://localhost:3000.
-
Register
POST /auth/register- Request Body:
{ "username": "new_user", "email": "[email protected]", "password": "securepassword", "role": "user" }
-
Login
POST /auth/login- Request Body:
{ "email": "[email protected]", "password": "securepassword" }
-
Logout
POST /auth/logout
-
Get Profile
GET /auth/profile
-
Update Profile
PUT /auth/profile- Request Body:
{ "username": "updated_user", "email": "[email protected]", "password": "newsecurepassword", "role": "admin" }
-
Get All Products
GET /products
-
Get Product by ID
GET /products/:id
-
Create Product (Admin only)
POST /products- Request Body:
{ "name": "Product Name", "description": "Product Description", "price": 99.99, "stock": 10, "categoryName" : "Product Category" }
-
Update Product (Admin only)
PUT /products/:id- Request Body (any field can be updated):
{ "name": "Updated Name", "description": "Updated Description", "price": 89.99, "stock": 5 }
-
Delete Product (Admin only)
DELETE /products/:id
-
Get All Categories
GET /categories
-
Get Category by ID
GET /categories/:id
-
Create Category (Admin only)
POST /categories- Request Body:
{ "name": "Category Name", "description" : "Category Description" }
-
Update Category (Admin only)
PUT /categories/:id- Request Body:
{ "name": "Updated Category Name", "description":"Updated Category Description" }
-
Delete Category (Admin only)
DELETE /categories/:id
To run tests, use the following command:
npm test