Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/sadman95/bike-island-server
Bike Island Backend
https://github.com/sadman95/bike-island-server
cors express mongodb mongoose nodejs socket-io stripe
Last synced: about 7 hours ago
JSON representation
Bike Island Backend
- Host: GitHub
- URL: https://github.com/sadman95/bike-island-server
- Owner: Sadman95
- Created: 2021-11-21T21:22:11.000Z (about 3 years ago)
- Default Branch: master
- Last Pushed: 2024-11-30T09:40:24.000Z (23 days ago)
- Last Synced: 2024-11-30T10:28:27.966Z (23 days ago)
- Topics: cors, express, mongodb, mongoose, nodejs, socket-io, stripe
- Language: JavaScript
- Homepage:
- Size: 4.62 MB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## Backend Features Update (Version 2.0.0)
### New Features
#### User Features
1. **Order Management**:
- Implemented endpoints to retrieve user order history with detailed information.
- Added functionality to handle order status updates for cancellations or returns.2. **Reviews**:
- Created APIs to manage product reviews:
- Users can add reviews for purchased products.
- Reviews are restricted to items in the user’s order history to ensure authenticity.3. **Profile Update**:
- Developed APIs for users to update their profile information, including name, email, and password.4. **Secure Authentication Flow**:
- Added JWT-based secure authentication for user login and registration.
- Integrated password hashing for secure storage.
- Implemented middleware for route protection based on user roles and permissions.
- Enabled email verification and password reset functionality via Auth0.#### Admin Features
1. **Order Management**:
- Created APIs to allow admins to view, update, or cancel orders.
- Added functionality to retrieve all orders with filtering options (status, date, customer, etc.).2. **Product Management**:
- Built endpoints to add, update, and delete products.
- Integrated file uploads for product images using a secure and scalable storage solution.3. **Customer Management**:
- Developed APIs to retrieve and manage customer details.
- Admins can view customers’ order histories and manage account statuses.4. **Role and Permission Management**:
- Implemented dynamic role-based access control (RBAC).
- Created APIs to assign roles and manage permissions for users and team members.5. **Team Member Management**:
- Added APIs for managing admin team members:
- Create, update, or delete team members.
- Assign roles and permissions to team members dynamically.---
### Technical Enhancements
1. **Secure Authentication**:
- Fully integrated Auth0 for authentication and user management.
- Secure token storage and renewal for seamless user sessions.
- Middleware for validating and decoding JWT tokens for protected routes.2. **Data Validation and Security**:
- Improved input validation using `express-validator` to prevent injection attacks.
- Applied rate limiting and IP throttling for critical endpoints to prevent abuse.3. **Error Handling**:
- Enhanced centralized error handling with descriptive HTTP responses.
- Included granular error codes for debugging and API consumers.4. **Caching**:
- Integrated Redis caching for improved performance in frequently accessed endpoints (e.g., product listings).5. **Documentation**:
- Updated Swagger API documentation with all new endpoints, models, and responses.6. **Testing**:
- Added unit and integration tests using Jest to ensure robust functionality for all critical features.7. **Dockerization**:
- Updated Docker configuration to support the expanded application structure.
- Added a Redis service in the `docker-compose` setup.---
### Performance Improvements
1. **Database Optimization**:
- Optimized Mongoose queries with indexing and pagination for large datasets.
- Refactored schema designs to ensure efficient relational mappings.2. **Middleware Improvements**:
- Optimized middleware for handling roles and permissions dynamically.
- Improved logging using Winston for better traceability of requests and actions.---
This release solidifies the backend foundation with secure authentication, dynamic role management, enhanced admin capabilities, and robust API support for a seamless user and admin experience.