https://github.com/dscmatter/bookapis
A backend API for a Book Review Platform built with Node.js, Express, TypeScript, and PostgreSQL. It provides secure user authentication, book management, and review features with JWT-based access control, pagination, and average rating calculations.
https://github.com/dscmatter/bookapis
api-rest express jwt nodejs postgresql-database typescript
Last synced: 9 months ago
JSON representation
A backend API for a Book Review Platform built with Node.js, Express, TypeScript, and PostgreSQL. It provides secure user authentication, book management, and review features with JWT-based access control, pagination, and average rating calculations.
- Host: GitHub
- URL: https://github.com/dscmatter/bookapis
- Owner: DSCmatter
- License: mit
- Created: 2025-07-24T12:16:22.000Z (11 months ago)
- Default Branch: main
- Last Pushed: 2025-09-04T20:44:20.000Z (10 months ago)
- Last Synced: 2025-09-04T22:26:44.571Z (10 months ago)
- Topics: api-rest, express, jwt, nodejs, postgresql-database, typescript
- Language: TypeScript
- Homepage:
- Size: 86.9 KB
- Stars: 2
- Watchers: 0
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# PageCritic
Is a set of backend API for a Book Review Platform, built with **Node.js**, **Express**, **TypeScript**, and **PostgreSQL**. It provides a robust set of RESTful endpoints for user authentication, book management, and review functionalities.
---
## Features
### User Authentication
* User registration (Signup).
* User login, returning a JSON Web Token (JWT) for authentication.
* Protected routes accessible only by authenticated users.
* Retrieve authenticated user's profile.
* Delete a user's own account.
### Book Management
* Add new books (title, author, genre) - authenticated access only.
* Retrieve a paginated list of all books.
* Filter books by genre and/or author.
* View details of a single book, including its average rating and associated reviews.
* Delete books - authenticated access only.
### Review Management
* Add reviews and ratings (1-5 stars) to books - authenticated access only.
* View all reviews for a specific book (integrated into book detail endpoint).
* Delete reviews - authenticated access only, only the original reviewer can delete their own review.
* Automatically calculates and displays the average rating for each book.
---
## Technologies Used
* **Runtime:** Node.js
* **Language:** TypeScript
* **Web Framework:** Express.js
* **Database:** PostgreSQL
* **Database Client:** `pg` (Node.js PostgreSQL client)
* **Authentication:** JWT with `jsonwebtoken` and `bcryptjs` for password hashing.
* **Environment Variables:** dotenv
---
## Getting Started
Follow these steps to set up and run the backend locally.
### Prerequisites
Ensure you have the following installed on your system:
* Node.js (LTS version recommended)
* npm (comes with Node.js) or pnpm
* PostgreSQL (version 14 or higher recommended)
### 1. Clone the Repository
```bash
git clone https://github.com/DSCmatter/PageCritic
cd PageCritic
```
### 2. Backend Setup
Navigate into the backend directory and install dependencies:
```bash
cd backend
npm install # or pnpm install
```
### 3. Environment Variables
Create a `.env` file in the `backend/` directory and add the following configuration:
```env
# PostgreSQL Database Configuration
DB_USER=book_app_user
DB_PASSWORD=some-passwd
DB_HOST=localhost
DB_PORT=5432
DB_DATABASE=book_review_db
# JWT Configuration
JWT_SECRET=your_super_secret_jwt_key_here_make_it_long_and_random
JWT_EXPIRES_IN=1h
# Server Configuration
PORT=5000
```
### 4. PostgreSQL Database Setup
**Create the database and user:**
Feel free to replace `some-passwd` with your own.
```sql
CREATE DATABASE book_review_db;
CREATE USER book_app_user WITH PASSWORD 'some-passwd';
GRANT ALL PRIVILEGES ON DATABASE book_review_db TO book_app_user;
```
**Initialize the schema:**
Create a file `backend/sql/init.sql` and add the schema provided in the documentation. Then run:
```bash
psql -U book_app_user -d book_review_db -h localhost -p 5432 -f sql/init.sql
```
To know more about the different commands used to navigate, inspect and query this database, please check out [the PostgreSQL Command Line (psql) Navigation Guide.](psqlCMDs.md)
### 5. Run the Backend Server
```bash
npm run dev
```
Server will start on [http://localhost:5000](http://localhost:5000).
---
## API Endpoints (Backend)
All endpoints are prefixed with `/api`.
### Authentication
* **POST /api/auth/signup** – Register a new user.
* **POST /api/auth/login** – Authenticate user and get JWT.
* **GET /api/auth/me** – Get current authenticated user's profile (Protected).
* **DELETE /api/auth/me** – Delete the current authenticated user's account (Protected).
### Books
* **POST /api/books** – Add a new book (Protected).
* **GET /api/books** – Get all books with filters and pagination.
* **GET /api/books/\:id** – Get details of a single book.
* **DELETE /api/books/\:id** – Delete a book by ID (Protected).
### Reviews
* **POST /api/books/\:id/reviews** – Add a review to a specific book (Protected).
* **DELETE /api/reviews/\:id** – Delete a review (Protected).
More information about these endpoints are described in [apiResponses.md](apiResponses.md)
---
## Database Schema
### `users`
* `id` (UUID, PK)
* `username` (VARCHAR, UNIQUE)
* `email` (VARCHAR, UNIQUE)
* `password` (VARCHAR, HASHED)
* `created_at` (TIMESTAMP)
### `books`
* `id` (UUID, PK)
* `title` (VARCHAR)
* `author` (VARCHAR)
* `genre` (VARCHAR)
* `created_at` (TIMESTAMP)
### `reviews`
* `id` (UUID, PK)
* `book_id` (UUID, FK to books.id, ON DELETE CASCADE)
* `reviewer_id` (UUID, FK to users.id, ON DELETE CASCADE)
* `review_text` (TEXT)
* `rating` (INTEGER, 1-5)
* `created_at` (TIMESTAMP)
---
## Known Limitations
* No extensive input validation.
* No user roles (e.g., admin).
* Basic error handling.
* No rate limiting or advanced security.
---
## Future Enhancements
* Robust input validation.
* User roles (Admin, Reviewer).
* Password reset functionality.
* Image uploads for book covers.
* Advanced sorting and search.
* Logging integration.
* Unit and integration tests.
---
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.