Skip to content

iamskyy666/nodejs-ecommerce-api

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

42 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

πŸ›’ E-Commerce REST API

Node.js Express MongoDB License Status

A production-ready RESTful E-Commerce API built with Node.js, Express.js 5, and MongoDB Atlas.

This project demonstrates modern backend development practices including JWT Authentication, Role-Based Authorization, Product Management, Reviews, Orders, Image Uploads, API Security, and Interactive API Documentation using Swagger UI.


🌐 Live Demo

πŸš€ Live API

https://nodejs-ecommerce-api-xg1q.onrender.com

πŸ“– Swagger Documentation

https://nodejs-ecommerce-api-xg1q.onrender.com/api-docs


✨ Features

πŸ” Authentication & Authorization

  • JWT Authentication
  • HTTP-Only Cookie Authentication
  • User Registration
  • User Login
  • Logout
  • Role-Based Authorization (Admin/User)
  • Protected Routes

πŸ‘€ User Management

  • View Current User
  • Update User Profile
  • Update Password
  • Get Single User (Admin)
  • Get All Users (Admin)

πŸ“¦ Product Management

  • Create Product
  • Update Product
  • Delete Product
  • Get Single Product
  • Get All Products
  • Upload Product Images
  • Product Image Validation

⭐ Review System

  • Create Reviews
  • Update Reviews
  • Delete Reviews
  • Get Product Reviews
  • Prevent Duplicate Reviews
  • Populate User Information
  • Populate Product Information

πŸ›’ Order Management

  • Create Orders
  • Get Current User Orders
  • Get Single Order
  • Get All Orders (Admin)
  • Update Order Status

πŸ—„οΈ Database Features

  • MongoDB Aggregation Pipelines
  • Mongoose Populate
  • Mongoose Virtual Populate
  • Mongoose Middleware
  • Schema Validation
  • Password Hashing with bcrypt
  • Model Relationships

πŸ›‘οΈ Security

  • Helmet Security Headers
  • CORS
  • Rate Limiting
  • HTTP-Only Cookies
  • JWT Verification
  • Protected Routes
  • Input Validation

πŸ“„ Documentation

  • Interactive Swagger UI
  • Organized REST Endpoints
  • Built-in Request/Response Testing

πŸ› οΈ Tech Stack

Backend

  • Node.js
  • Express.js 5

Database

  • MongoDB Atlas
  • Mongoose

Authentication

  • JSON Web Tokens (JWT)
  • bcrypt

Security

  • Helmet
  • express-rate-limit
  • cookie-parser
  • CORS

File Uploads

  • express-fileupload

Documentation

  • Swagger UI
  • swagger-jsdoc

Logging

  • Morgan

πŸ“‚ Project Structure

ecommerce-api/
β”‚
β”œβ”€β”€ controllers/
β”œβ”€β”€ db/
β”œβ”€β”€ docs/
β”œβ”€β”€ errors/
β”œβ”€β”€ middleware/
β”œβ”€β”€ models/
β”œβ”€β”€ public/
β”‚   └── uploads/
β”œβ”€β”€ routes/
β”œβ”€β”€ utils/
β”‚
β”œβ”€β”€ app.js
β”œβ”€β”€ package.json
β”œβ”€β”€ .env
β”œβ”€β”€ .gitignore
└── README.md

βš™οΈ Installation

Clone the repository

git clone https://github.com/iamskyy666/nodejs-ecommerce.git
cd nodejs-ecommerce

Install dependencies

npm install

Create a .env file

PORT=5000

MONGO_URI=your_mongodb_connection_string

JWT_SECRET=your_super_secret_key

JWT_LIFETIME=1d

NODE_ENV=development

Run the development server

npm run dev

Run in production

npm start

πŸ“– API Documentation

After starting the server locally, open:

http://localhost:5000/api-docs

The interactive Swagger documentation allows you to:

  • Explore all endpoints
  • Test API requests
  • View request bodies
  • View response schemas
  • Understand authentication requirements

πŸ” Authentication

Protected endpoints require authentication.

After logging in successfully, the API stores a signed HTTP-Only JWT Cookie, which is automatically used for subsequent authenticated requests.

Role-based permissions ensure that administrative operations are restricted to authorized users.


πŸ›‘οΈ Security Features

  • Password hashing using bcrypt
  • JWT Authentication
  • HTTP-Only Cookies
  • Role-Based Authorization
  • Helmet Security Headers
  • CORS Protection
  • Rate Limiting
  • Input Validation
  • Secure Cookie Support

πŸ“¦ Key Dependencies

  • express
  • mongoose
  • bcrypt
  • jsonwebtoken
  • cookie-parser
  • dotenv
  • helmet
  • cors
  • express-rate-limit
  • express-fileupload
  • validator
  • morgan
  • swagger-jsdoc
  • swagger-ui-express

πŸš€ Future Improvements

  • Stripe Payment Integration
  • Email Verification
  • Forgot/Reset Password
  • Docker Support
  • Unit & Integration Testing
  • GitHub Actions CI/CD
  • Redis Caching
  • Search, Filtering & Pagination
  • Order History Analytics

πŸ“· Screenshots

Screenshots of the application, Swagger documentation, MongoDB Atlas collections, and Postman API testing will be added soon.


πŸ‘¨β€πŸ’» Author

Soumadip Banerjee

Backend Developer β€’ MERN Stack Developer

GitHub:

https://github.com/iamskyy666


⭐ Support

If you found this project useful, consider giving it a ⭐ Star on GitHub.

It helps others discover the project and motivates future improvements.


πŸ“„ License

This project is licensed under the ISC License.

About

βœ… Production-ready E-Commerce REST API built with Node.js, Express.js 5, MongoDB Atlas, JWT Authentication, Role-Based Authorization, Swagger UI, and secure REST architecture. πŸ›’

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors