{"id":14967524,"url":"https://github.com/siegfriedbz/express-api-natours","last_synced_at":"2026-02-19T05:33:31.614Z","repository":{"id":237390622,"uuid":"786918569","full_name":"SiegfriedBz/Express-API-Natours","owner":"SiegfriedBz","description":"🏨 Express API serving as the backend for a React SPA. Built with TypeScript. Tested with Jest and SuperTest. Features user authentication, Stripe for handling payments, MongoDB, and Zod validation. Images are stored using Cloudinary, while Pug is utilized for dynamic email templates.","archived":false,"fork":false,"pushed_at":"2024-09-21T06:55:22.000Z","size":32292,"stargazers_count":2,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-10-30T02:28:20.657Z","etag":null,"topics":["bcrypt","cloudinary","eslint","express","husky","jest","jwt","mongodb","mongoose","multer","nodemailer","pino","prettier","pug","sharp","stripe-api","supertest","typescript","zod"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SiegfriedBz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-04-15T14:49:44.000Z","updated_at":"2024-09-29T17:41:43.000Z","dependencies_parsed_at":"2024-05-02T10:07:43.049Z","dependency_job_id":"1fb94281-131e-4838-99a0-25a270b3bb24","html_url":"https://github.com/SiegfriedBz/Express-API-Natours","commit_stats":null,"previous_names":["siegfriedbz/express_api_ts-natours","siegfriedbz/express-api-natours"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/SiegfriedBz/Express-API-Natours","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiegfriedBz%2FExpress-API-Natours","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiegfriedBz%2FExpress-API-Natours/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiegfriedBz%2FExpress-API-Natours/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiegfriedBz%2FExpress-API-Natours/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SiegfriedBz","download_url":"https://codeload.github.com/SiegfriedBz/Express-API-Natours/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SiegfriedBz%2FExpress-API-Natours/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279278177,"owners_count":26138917,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-17T02:00:07.504Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bcrypt","cloudinary","eslint","express","husky","jest","jwt","mongodb","mongoose","multer","nodemailer","pino","prettier","pug","sharp","stripe-api","supertest","typescript","zod"],"created_at":"2024-09-24T13:38:11.095Z","updated_at":"2025-10-17T03:40:23.078Z","avatar_url":"https://github.com/SiegfriedBz.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Natours API\n\nThe Natours API originated from a server-rendered web application tutorial in JavaScript, where Pug was used for server-side rendering across all routes.\n\nI refactored and rebuilt the entire project in TypeScript, transforming it into a robust API featuring user authentication, tour bookings, and reviews, with MongoDB for data storage. \nAdditionally, I introduced Zod for input validation and Cloudinary for efficient image storage. \nPug continues to be utilized exclusively for email templates. \nI also added comprehensive testing with Jest and SuperTest to ensure the API's reliability.\n\nThe Natours API now serves as the backend for another project I developed— a [React Single Page Application (SPA)](https://github.com/SiegfriedBz/vite_react_ts-natours) tested with Cypress — providing a seamless web application experience.\n\nTo facilitate easy interaction with the API, I have included a comprehensive [Postman documentation](https://documenter.getpostman.com/view/27920009/2sA3QtcqG8).\n\n\n## Table of Contents\n\n- [Getting Started](#getting-started)\n- [Installation](#installation)\n- [Environment Variables](#environment-variables)\n- [Seeding the Database](#seeding-the-database)\n- [Running Tests](#running-tests)\n- [Running the API](#running-the-api)\n- [API Routes](#api-routes)\n - [Public Routes](#public-routes)\n - [Protected Routes](#protected-routes)\n- [Technologies Used](#technologies-used)\n- [Deployment](#deployment)\n- [Postman Documentation](#postman-documentation) 🚀\n\n\n## Getting Started\n\nFollow these instructions to get a copy of the project up and running on your local machine for development and testing purposes.\n\n### Prerequisites\n\nEnsure you have the following installed \u0026 set up:\n\n- Node.js `20.x`\n- Mongo DB account\n- Cloudinary account\n- Mailtrap account (for email notifications in development mode)\n- Brevo account (for email notifications in production mode)\n- Stripe account\n\n## Installation\n\nClone the repository and install the dependencies:\n\n```bash\ngit clone https://github.com/your-repo/api_ts_zod.git\ncd api_ts_zod\nnpm install\n```\n\n## Environment Variables \n\n # SERVER\n PORT=1337\n SERVER_DOMAIN_NAME=localhost\n \n # CLIENT\n CORS_ALLOWED_ORIGINS=http://localhost:3000\n \n # MONGO\n MONGO_DB_URL=your_mongo_db_url\n \n # STRIPE\n STRIPE_PRIVATE_KEY=your_stripe_private_key\n STRIPE_PUBLIC_KEY=your_stripe_public_key\n STRIPE_WEBHOOK_ENDPOINT_SECRET=your_stripe_webhook_endpoint_secret\n \n # EMAIL\n EMAIL_FROM=your_email@example.com\n \n # EMAIL - DEV\n MAILTRAP_EMAIL_HOST=your_mailtrap_host\n MAILTRAP_EMAIL_PORT=your_mailtrap_port\n MAILTRAP_EMAIL_USERNAME=your_mailtrap_username\n MAILTRAP_EMAIL_PASSWORD=your_mailtrap_password\n \n # EMAIL - PROD\n BREVO_EMAIL_ADMIN=your_brevo_admin_email\n BREVO_EMAIL_SMTP_KEY=your_brevo_smtp_key\n \n # CLOUDINARY\n CLOUDINARY_CLOUD_NAME=your_cloudinary_cloud_name\n CLOUDINARY_API_KEY=your_cloudinary_api_key\n CLOUDINARY_API_SECRET=your_cloudinary_api_secret\n \n # PASSWORD_RESET TOKEN\n PASSWORD_RESET_TOKEN_EXPIRES_IN=600000\n \n # JWTs TOKENS\n ACCESS_TOKEN_PRIVATE_KEY=your_access_token_private_key\n ACCESS_TOKEN_PUBLIC_KEY=your_access_token_public_key\n REFRESH_TOKEN_PRIVATE_KEY=your_refresh_token_private_key\n REFRESH_TOKEN_PUBLIC_KEY=your_refresh_token_public_key\n\n\n## Seeding the Database \n\nTo seed the database, use the following commands: \n\nIn development mode:\n```bash\nnpm run seed:dev\n```\n\nIn production mode:\n```bash\nnpm run seed:production\n```\n\n\n## Running Tests \n\nThe tests written with Jest and Supertest can be run with:\n```bash\nnpm run test\n```\n\n## Running the API \n\nTo start the development server, use the following command:\n```bash\nnpm run dev\n```\n\nTo build and start the production server, use the following commands:\n```bash\nnpm run build\nnpm start\n```\n\n\n## API Routes\n\n### Public Routes\n\n # Healthcheck Route\n \n - GET /api/v1/healthcheck**: Check the health of the API.\n \n # Tours Routes\n \n - GET /api/v1/tours : Fetch all tours.\n - GET /api/v1/tours/top-5-cheap : Fetch top 5 cheapest tours.\n - GET /api/v1/tours/:tourId : Fetch a tour by tour ID.\n - GET /api/v1/tours/stats : Fetch statistics about tours.\n - GET /api/v1/tours/within/:distance/center/:latlng/unit/:unit : Fetch tours within a given distance from a point.\n - GET /api/v1/tours/distances-from/:latlng/unit/:unit : Fetch distances to all tours from a point.\n - GET /api/v1/tours/:id/reviews : Get all reviews for a given tour.\n \n # Users Routes\n \n - POST /api/v1/users/signup : Create a new user account.\n \n # Sessions Routes\n \n - POST /api/v1/sessions/login : Login a user.\n - DELETE /api/v1/sessions/logout : Logout a user.\n \n # Reviews Routes\n \n - GET /api/v1/reviews : Get all reviews for all tours.\n - GET /api/v1/reviews/:reviewId : Get a review by review ID.\n - GET /api/v1/tours/:id/reviews : Get all reviews for a given tour.\n\n### Protected Routes\n\n # Logged in as user routes\n\n - GET /api/v1/bookings/checkout-session/:tourId : Get the Stripe checkout session for a booking on a tour.\n - GET /api/v1/users/me : Fetch the logged-in user's profile.\n - POST /api/v1/users/forgot-my-password : Step 1 in the forgot/reset password process.\n - POST /api/v1/users/reset-my-password : Step 2 in the forgot/reset password process.\n - PATCH /api/v1/users/update-me : Update the logged-in user's profile.\n - PATCH /api/v1/users/update-my-password : Update the logged-in user's password.\n - PATCH /api/v1/users/delete-me : Deactivate the logged-in user's account.\n - GET /api/v1/users/my-bookings : Get the bookings belonging to the logged-in user.\n - POST /api/v1/tours/:id/reviews : Create a review for a tour.\n - PATCH /api/v1/reviews/:reviewId : Update a review.\n \n # Logged in as admin routes\n \n - GET /api/v1/users : Get all users data.\n - GET /api/v1/users/:userId : Get user by user ID.\n - PATCH /api/v1/users/:userId : Update user data (name and/or role).\n - GET /api/v1/tours/:id/bookings : Fetch all bookings for a tour.\n - GET /api/v1/bookings : Fetch all bookings.\n - GET /api/v1/bookings/:bookingId : Fetch a booking by ID.\n - DELETE /api/v1/reviews/:reviewId : Delete a review.\n\n # Logged in as admin or lead-guide routes\n \n - POST /api/v1/tours : Create a tour.\n - PATCH /api/v1/tours/:tourId : Update a tour.\n - DELETE /api/v1/tours/:tourId : Delete a tour.\n\n # Logged in as admin, lead-guide or guide routes\n \n - GET /api/v1/tours/monthly-stats/:year : Get monthly stats for tours.\n\n # Webhook Route\n \n - POST /stripe/webhook : Endpoint for Stripe webhook.\n - Allows Stripe to send events after user checkout.\n - Listens for `checkout.session.completed` events.\n - Creates a booking record in the database upon receiving `checkout.session.completed` event.\n \n\n## Technologies Used\n\n### Backend Technologies\n\n- **Node.js**\n- **Express**\n- **TypeScript**\n- **MongoDB**\n- **Mongoose**\n- **Zod** (for request validation)\n- **JWT** (for authentication)\n- **Nodemailer** (for email notifications)\n- **Pug** (for email templates)\n- **Stripe** (for payment processing)\n- **Multer** (for handling file uploads)\n- **Cloudinary** (for image storage)\n- **Day.js** (for date manipulation)\n- **Pino** (for logging)\n\n### Development Tools\n\n- **Husky** (for Git hooks)\n- **ESLint** (for code linting)\n- **Prettier** (for code formatting)\n\n### Testing Tools\n\n- **Jest** (for unit testing)\n- **Supertest** (for testing HTTP APIs)\n\n## Deployment\nThe Natours API is deployed on Render.com\n\n## Postman Documentation\n[Postman](https://documenter.getpostman.com/view/27920009/2sA3QtcqG8)\n\n\n\n\n\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiegfriedbz%2Fexpress-api-natours","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsiegfriedbz%2Fexpress-api-natours","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiegfriedbz%2Fexpress-api-natours/lists"}