{"id":49559782,"url":"https://github.com/raptor7197/trizen-ventures-task","last_synced_at":"2026-05-03T07:48:04.580Z","repository":{"id":345898067,"uuid":"1184515915","full_name":"raptor7197/trizen-ventures-task","owner":"raptor7197","description":"The Assignment Task For trizen ventures (backend link : https://trizen-ventures-task.onrender.com/)","archived":false,"fork":false,"pushed_at":"2026-03-21T07:26:07.000Z","size":86,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-03T07:47:53.474Z","etag":null,"topics":["assignment-solutions","marketplace","webapp"],"latest_commit_sha":null,"homepage":"https://trizen-ventures-task-roqr.vercel.app/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/raptor7197.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-17T16:59:57.000Z","updated_at":"2026-04-25T04:59:48.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/raptor7197/trizen-ventures-task","commit_stats":null,"previous_names":["raptor7197/trizen-ventures-task"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/raptor7197/trizen-ventures-task","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raptor7197%2Ftrizen-ventures-task","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raptor7197%2Ftrizen-ventures-task/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raptor7197%2Ftrizen-ventures-task/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raptor7197%2Ftrizen-ventures-task/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/raptor7197","download_url":"https://codeload.github.com/raptor7197/trizen-ventures-task/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/raptor7197%2Ftrizen-ventures-task/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32562118,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-03T06:36:36.687Z","status":"ssl_error","status_checked_at":"2026-05-03T06:36:09.306Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["assignment-solutions","marketplace","webapp"],"created_at":"2026-05-03T07:48:03.924Z","updated_at":"2026-05-03T07:48:04.574Z","avatar_url":"https://github.com/raptor7197.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# MarketNest\n\nMini fashion marketplace built with MongoDB, Express, React, and Node.js for the Trizen Ventures assignment.\n\n## Stack\n\n- Frontend: React 18, Vite, Tailwind CSS, React Router, Axios\n- Backend: Node.js, Express, Mongoose, Joi\n- Auth: JWT access token + refresh token\n- Storage: Cloudinary\n- Deployment: Vercel (client) + Render (server)\n\n## Architecture\n\n```text\nclient/\n  src/api            Axios instance, API wrappers, auth refresh handling\n  src/context        Auth state and session bootstrap\n  src/pages          Route-level UI\n  src/components     Reusable UI and route guards\n\nserver/\n  src/config         MongoDB and Cloudinary setup\n  src/controllers    Request handlers\n  src/middleware     Auth, role, ownership, validation, error handling\n  src/models         User and Product schemas\n  src/routes         Thin route definitions\n  src/services       Token generation and verification\n  src/validators     Joi request validation\n  src/scripts        Seed script for placeholder marketplace data\n```\n\n## Technical Implementation\n\n### Authentication\n\n- Signup requires `name`, `email`, `password`, and `role`.\n- Passwords are hashed with `bcryptjs` in the `User` model pre-save hook.\n- Login returns:\n  - access token in JSON\n  - refresh token in an `httpOnly` cookie\n- Access token is sent in the `Authorization` header for protected requests.\n- Refresh token is stored hashed in MongoDB and validated through `/api/auth/refresh`.\n- Axios interceptors retry failed `401` requests after requesting a new access token.\n- Logout clears the refresh cookie and removes the stored refresh token from the user document.\n\n### Authorization\n\n- `authenticate` middleware verifies JWT access tokens.\n- `requireRole('brand')` restricts dashboard, create, update, delete, and upload routes.\n- `checkOwnership` ensures a brand can edit or archive only its own products.\n- Customers can only access public product browsing endpoints.\n\n### Product Flow\n\n- Product schema includes `name`, `description`, `price`, `category`, `images`, `brand`, and `status`.\n- `status` supports `draft`, `published`, and `archived`.\n- Marketplace queries only return `published` products.\n- Search uses case-insensitive name matching.\n- Category filtering and pagination are handled server-side.\n- Brand dashboard aggregates total, published, archived, and draft counts.\n- Delete is implemented as soft delete by setting `status` to `archived`.\n\n### Uploads\n\n- Image uploads are handled through `multer` and Cloudinary.\n- Product image arrays are limited to 5 items.\n\n### Security Decisions\n\n- Password hashing: `bcryptjs`\n- Input validation: Joi schemas on auth and product routes\n- Secrets: environment variables only\n- Refresh token transport: `httpOnly` cookie\n- Production cookie policy: `secure: true`, `sameSite: 'none'`\n- CORS: frontend origin restricted through `CLIENT_URL`\n\n## API\n\n### Auth\n\n- `POST /api/auth/signup`\n- `POST /api/auth/login`\n- `POST /api/auth/logout`\n- `POST /api/auth/refresh`\n- `GET /api/auth/me`\n\n### Products\n\n- `GET /api/products`\n- `GET /api/products/:id`\n- `GET /api/products/brand/dashboard`\n- `GET /api/products/brand/all`\n- `POST /api/products`\n- `PUT /api/products/:id`\n- `DELETE /api/products/:id`\n\n### Upload\n\n- `POST /api/upload`\n\n## Environment Variables\n\n### Server\n\n```env\nPORT=5000\nNODE_ENV=development\nMONGO_URI=mongodb+srv://\u003cusername\u003e:\u003cpassword\u003e@cluster.mongodb.net/marketnest\nJWT_SECRET=your-access-secret\nJWT_REFRESH_SECRET=your-refresh-secret\nCLOUDINARY_CLOUD_NAME=your-cloud-name\nCLOUDINARY_API_KEY=your-api-key\nCLOUDINARY_API_SECRET=your-api-secret\nCLIENT_URL=http://localhost:5173\n```\n\n### Client\n\n```env\nVITE_API_URL=http://localhost:5000/api\n```\n\n## Local Setup\n\n```bash\ncd server\nnpm install\nnpm run dev\n```\n\n```bash\ncd client\nnpm install\nnpm run dev\n```\n\n## Deployment\n\n### Backend\n\n- Platform: Render\n- Root directory: `server`\n- Build command: `npm install`\n- Start command: `npm start`\n- Required env vars: all server variables listed above\n\n### Frontend\n\n- Platform: Vercel\n- Root directory: `client`\n- Build command: `npm run build`\n- Output directory: `dist`\n- Required env var:\n\n```env\nVITE_API_URL=https://your-render-service.onrender.com/api\n```\n\n### Deployment Notes\n\n- Set `CLIENT_URL` on the backend to the exact Vercel domain.\n- Refresh-token cookies require HTTPS in production.\n- Cross-site auth between Vercel and Render depends on:\n  - `withCredentials: true` in Axios\n  - `sameSite: 'none'`\n  - `secure: true`\n  - correct CORS origin\n\n## Placeholder Marketplace Data\n\nSeed script:\n\n```bash\ncd server\nnpm run seed\n```\n\nThis creates a brand account and published placeholder products for marketplace testing.\n\n- Email: `seed.brand@marketnest.demo`\n- Password: `SeedBrand123!`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fraptor7197%2Ftrizen-ventures-task","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fraptor7197%2Ftrizen-ventures-task","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fraptor7197%2Ftrizen-ventures-task/lists"}