https://github.com/saketkothari/tshirt-store-backend-api
A robust backend API for managing an online t-shirt store, handling product listings, orders, and customer data.
api authentication bcryptjs cloudinary cookie-parser ejs expressjs file-upload jwt-token mongodb mongoose morgan-middleware node-js nodemailer nodemon stripe swagger
- Host: GitHub
- URL: https://github.com/saketkothari/tshirt-store-backend-api
- Owner: SaketKothari
- Created: 2022-05-13T08:09:44.000Z (almost 4 years ago)
- Default Branch: master
- Last Pushed: 2025-04-29T17:00:33.000Z (11 months ago)
- Last Synced: 2025-04-29T18:20:12.056Z (11 months ago)
- Topics: api, authentication, bcryptjs, cloudinary, cookie-parser, ejs, expressjs, file-upload, jwt-token, mongodb, mongoose, morgan-middleware, node-js, nodemailer, nodemon, stripe, swagger
- Language: JavaScript
- Homepage: https://tshirt-store.onrender.com/api-docs/
- Size: 420 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# T-Shirt Store Backend API
A production-ready RESTful API for an e-commerce t-shirt store built with Node.js, Express, and MongoDB.
## API Documentation
Explore the complete API documentation with interactive testing:
**[Live Swagger Documentation](https://tshirt-store.onrender.com/api-docs/)**
---
## Features
### Authentication & Authorization
- **JWT-based authentication** with httpOnly cookies
- **Role-based access control** (User, Manager, Admin)
- Secure password hashing with bcrypt
- Password reset via email tokens
### User Management
- User registration with profile photo upload
- Login/Logout with secure token handling
- Forgot password & reset password flow
- User dashboard with profile updates
- Admin can manage all users
### Product Management
- Full CRUD operations for products
- Multiple product images via Cloudinary
- Product categories (shortsleeves, longsleeves, sweatshirt, hoodies)
- Product search, filtering & pagination
- Product reviews and ratings system
### Order Management
- Create and track orders
- Order history for users
- Admin order management with status updates
- Detailed order information with shipping details
### Payment Integration
- **Stripe** payment processing
- **Razorpay** payment processing
- Secure payment intent creation
---
## Tech Stack
| Category | Technology |
| ------------------ | ------------------------- |
| **Runtime** | Node.js |
| **Framework** | Express.js |
| **Database** | MongoDB with Mongoose ODM |
| **Authentication** | JWT (JSON Web Tokens) |
| **File Upload** | Cloudinary |
| **Payments** | Stripe, Razorpay |
| **Email** | Nodemailer |
| **Documentation** | Swagger/OpenAPI 3.0 |
| **Validation** | Validator.js |
---
## Getting Started
### Prerequisites
- Node.js 18+ installed
- MongoDB database (local or Atlas)
- Cloudinary account
- Stripe account (for payments)
- Razorpay account (for payments)
### Installation
1. **Clone the repository**
```bash
git clone https://github.com/SaketKothari/tshirt-store-backend-api.git
cd tshirt-store-backend-api
```
2. **Install dependencies**
```bash
npm install
```
3. **Configure environment variables**
Create a `.env` file in the root directory:
```env
# Server
PORT=4000
# Database
MONGODB_URL=mongodb://localhost:27017/tshirt-store
# JWT
JWT_SECRET=your-super-secret-jwt-key
JWT_EXPIRY=3d
COOKIE_TIME=3
# Cloudinary
CLOUDINARY_NAME=your-cloud-name
CLOUDINARY_API_KEY=your-api-key
CLOUDINARY_API_SECRET=your-api-secret
# Stripe
STRIPE_API_KEY=sk_test_...
STRIPE_SECRET_KEY=sk_test_...
# Razorpay
RAZORPAY_API_KEY=rzp_test_...
RAZORPAY_SECRET=your-razorpay-secret
# Email (SMTP)
SMTP_HOST=smtp.mailtrap.io
SMTP_PORT=587
SMTP_USER=your-smtp-user
SMTP_PASS=your-smtp-password
```
4. **Start the server**
```bash
# Development mode (with hot reload)
npm run dev
# Production mode
npm start
```
5. **Access the API**
- API Base URL: `http://localhost:4000/api/v1`
- Swagger Docs: `http://localhost:4000/api-docs`
---
## Project Structure
```
tshirt-store-backend-api/
├── config/
│   └── db.js                  # MongoDB connection
├── controllers/
│   ├── homeController.js      # Health check endpoints
│   ├── userController.js      # User authentication & profile
│   ├── productController.js   # Product CRUD & reviews
│   ├── orderController.js     # Order management
│   └── paymentController.js   # Payment processing
├── middlewares/
│   ├── bigPromise.js          # Async error wrapper
│   └── user.js                # Auth & role middlewares
├── models/
│   ├── user.js                # User schema
│   ├── product.js             # Product schema
│   └── order.js               # Order schema
├── routes/
│   ├── home.js                # Home routes
│   ├── user.js                # User routes
│   ├── product.js             # Product routes
│   ├── order.js               # Order routes
│   └── payment.js             # Payment routes
├── utils/
│   ├── cookieToken.js         # JWT token helper
│   ├── customError.js         # Custom error class
│   ├── emailHelper.js         # Email sending utility
│   └── whereClause.js         # Query builder for filtering
├── views/
│   └── signuptest.ejs         # Test view template
├── app.js                     # Express app setup
├── index.js                   # Server entry point
├── swagger.yaml               # API documentation
└── package.json
```
---
## API Endpoints
### Authentication
| Method | Endpoint | Description |
| ------ | ------------------------------- | ---------------------- |
| POST | `/api/v1/signup` | Register new user |
| POST | `/api/v1/login` | User login |
| GET | `/api/v1/logout` | User logout |
| POST | `/api/v1/forgotPassword` | Request password reset |
| POST | `/api/v1/password/reset/:token` | Reset password |
### User Profile
| Method | Endpoint | Description |
| ------ | ------------------------------ | ---------------- |
| GET | `/api/v1/userdashboard` | Get current user |
| POST | `/api/v1/userdashboard/update` | Update profile |
| POST | `/api/v1/password/update` | Change password |
### Products
| Method | Endpoint | Description |
| ------ | --------------------------- | ------------------------------- |
| GET | `/api/v1/products` | Get all products (with filters) |
| GET | `/api/v1/product/:id` | Get single product |
| GET | `/api/v1/reviews?id=` | Get product reviews |
| PUT | `/api/v1/review` | Add/Update review |
| DELETE | `/api/v1/review?productId=` | Delete review |
### Orders
| Method | Endpoint | Description |
| ------ | ---------------------- | ----------------- |
| POST | `/api/v1/order/create` | Create new order |
| GET | `/api/v1/order/:id` | Get order details |
| GET | `/api/v1/myorder` | Get user's orders |
### Payments
| Method | Endpoint | Description |
| ------ | ------------------------- | ----------------------- |
| GET | `/api/v1/stripekey` | Get Stripe public key |
| GET | `/api/v1/razorpaykey` | Get Razorpay public key |
| POST | `/api/v1/capturestripe` | Create Stripe payment |
| POST | `/api/v1/capturerazorpay` | Create Razorpay order |
### Admin Routes
| Method | Endpoint | Description |
| ------ | --------------------------- | ------------------- |
| GET | `/api/v1/admin/users` | Get all users |
| GET | `/api/v1/admin/user/:id` | Get user by ID |
| PUT | `/api/v1/admin/user/:id` | Update user |
| DELETE | `/api/v1/admin/user/:id` | Delete user |
| GET | `/api/v1/admin/products` | Get all products |
| POST | `/api/v1/admin/product/add` | Add product |
| PUT | `/api/v1/admin/product/:id` | Update product |
| DELETE | `/api/v1/admin/product/:id` | Delete product |
| GET | `/api/v1/admin/orders` | Get all orders |
| PUT | `/api/v1/admin/order/:id` | Update order status |
| DELETE | `/api/v1/admin/order/:id` | Delete order |
### Manager Routes
| Method | Endpoint | Description |
| ------ | ----------------------- | -------------------------- |
| GET | `/api/v1/manager/users` | Get users with 'user' role |
---
## Authentication
The API supports two authentication methods:
### 1. Cookie Authentication
After login, a JWT token is automatically set as an httpOnly cookie named `token`.
### 2. Bearer Token
Pass the JWT token in the Authorization header:
```
Authorization: Bearer <token>
```
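The two token sources described above, as an added example that is not the project's own code: it resolves the JWT from the `token` cookie or the `Authorization: Bearer` header, verifies it, and applies a role allow-list. The `role` and `exp` claims, the cookie-first lookup order, and all function names are assumptions; the project's `middlewares/user.js` may work differently.

```javascript
// Added example, not the project's middleware. HS256 is verified with Node's
// built-in crypto (not a JWT library) so the block runs offline.
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Helper to mint HS256 tokens for constructed sample data.
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Look for the cookie named `token` first, then fall back to the Bearer header.
function extractToken(headers) {
  const cookie = (headers.cookie || '').split(';')
    .map((c) => c.trim().split('='))
    .find(([name]) => name === 'token');
  if (cookie && cookie[1]) return cookie[1];
  const bearer = /^Bearer\s+(\S+)$/.exec(headers.authorization || '');
  return bearer ? bearer[1] : null;
}

// Check the pinned algorithm, signature and expiry; return claims or null.
function verifyToken(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = (token || '').split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null; // rejects "none"
    const expected = hmac(`${head}.${body}`, secret);
    const given = Buffer.from(sig, 'base64url');
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(body, 'base64url'));
    if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return null;
    return claims;
  } catch {
    return null; // malformed header or payload JSON
  }
}

// Authenticate, then enforce the role allow-list (401 vs 403).
function authorize(headers, secret, allowedRoles, nowSec) {
  const claims = verifyToken(extractToken(headers), secret, nowSec);
  if (!claims) return { status: 401 };
  if (!allowedRoles.includes(claims.role)) return { status: 403 };
  return { status: 200, claims };
}
```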
---
## Testing the API
### Using Swagger UI
Visit the [Swagger Documentation](https://tshirt-store.onrender.com/api-docs/) to test endpoints directly in your browser.
### Using cURL
```bash
# Register a new user
curl -X POST https://tshirt-store.onrender.com/api/v1/signup \
-F "name=John Doe" \
-F "email=john@example.com" \
-F "password=password123" \
-F "photo=@/path/to/photo.jpg"
# Login
curl -X POST https://tshirt-store.onrender.com/api/v1/login \
-H "Content-Type: application/json" \
-d '{"email":"john@example.com","password":"password123"}'
# Get all products
curl https://tshirt-store.onrender.com/api/v1/products
```
### Using Postman
Import the Swagger specification from `swagger.yaml` into Postman for a complete collection.
---
## Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
1. Fork the repository
2. Create your feature branch (`git checkout -b feature/AmazingFeature`)
3. Commit your changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request
---
## License
This project is licensed under the ISC License.
---
## Author
**Saket Kothari**
- Website: [saketkothari.vercel.app](https://saketkothari.vercel.app)
- GitHub: [@SaketKothari](https://github.com/SaketKothari)
---
## Show Your Support
Give a ⭐ if this project helped you!