neoastra303/ecommerce-api

E-Commerce API


A comprehensive e-commerce REST API built with Node.js and Express. Features include user authentication, product management, shopping cart, orders, and payments.

🚀 Features

  • User Authentication: JWT-based authentication with role-based access control (admin/user)
  • Product Management: CRUD operations for products with categories and search
  • Shopping Cart: Add, update, and remove items from personal cart
  • Order Management: Create and track orders with status updates
  • Payment Processing: Handle payments for orders
  • Admin Dashboard: Full management capabilities for administrators
  • API Rate Limiting: Prevent abuse with rate limiting
  • Secure: Helmet security headers, input validation, and authentication
  • API Documentation: Interactive Swagger UI available at /api-docs

πŸ› οΈ Tech Stack

  • Backend: Node.js, Express.js
  • Database: SQLite (with sqlite3 driver)
  • Authentication: JSON Web Tokens (JWT)
  • Security: Bcrypt for password hashing, Helmet for security headers, Joi for input validation
  • Rate Limiting: Express-rate-limit
  • API Documentation: Swagger-jsdoc and swagger-ui-express
  • Frontend: HTML5, CSS3, Bootstrap 5, JavaScript (for dashboard)

📦 Installation

  1. Clone the repository:

     ```bash
     git clone <repository-url>
     cd ecommerce-api
     ```

  2. Install dependencies:

     ```bash
     npm install
     ```

  3. Set up environment variables:

     ```bash
     cp .env.example .env
     ```

     Edit the .env file and set your configuration:

     ```env
     PORT=3000
     DB_NAME=ecommerce.db
     JWT_SECRET=your-super-secret-jwt-key-change-in-production
     JWT_EXPIRE=7d
     NODE_ENV=development
     ```

     JWT_SECRET is the HMAC key that signs every session token, so anyone who knows it can forge a token for any user. Replace the placeholder with a long random value (for example the output of `openssl rand -hex 32`), use a different value in each environment, and keep .env out of version control.

  4. Start the server:

     ```bash
     npm start
     ```

     For development with auto-restart:

     ```bash
     npm run dev
     ```

🌐 API Endpoints

All endpoints are versioned under /api/v1/.

Authentication

  • POST /api/v1/auth/register - Register a new user
  • POST /api/v1/auth/login - Login to get JWT token
  • GET /api/v1/auth/me - Get current user info (requires auth)

Products

  • GET /api/v1/products - Get all products (with optional category and search filters)
  • GET /api/v1/products/:id - Get a specific product
  • POST /api/v1/products - Create a new product (admin only)
  • PUT /api/v1/products/:id - Update a product (admin only)
  • DELETE /api/v1/products/:id - Delete a product (admin only)

Users

  • GET /api/v1/users - Get all users (admin only)
  • GET /api/v1/users/:id - Get a specific user (admin only)
  • POST /api/v1/users - Create a new user (admin only)
  • PUT /api/v1/users/:id - Update a user (admin only)
  • DELETE /api/v1/users/:id - Delete a user (admin only)

Cart

  • GET /api/v1/cart - Get user's cart (requires auth)
  • POST /api/v1/cart - Add item to cart (requires auth)
  • PUT /api/v1/cart/:id - Update cart item quantity (requires auth)
  • DELETE /api/v1/cart/:id - Remove item from cart (requires auth)
  • DELETE /api/v1/cart - Clear entire cart (requires auth)

Orders

  • GET /api/v1/orders - Get user's orders (requires auth, admin sees all)
  • GET /api/v1/orders/:id - Get specific order (requires auth)
  • POST /api/v1/orders - Create new order (requires auth)
  • PUT /api/v1/orders/:id - Update order (admin only)
  • DELETE /api/v1/orders/:id - Delete order (admin only)

Payments

  • GET /api/v1/payments - Get payments (requires auth, admin sees all)
  • GET /api/v1/payments/:id - Get specific payment (requires auth)
  • POST /api/v1/payments - Process payment (requires auth)
  • PUT /api/v1/payments/:id - Update payment (admin only)
  • DELETE /api/v1/payments/:id - Delete payment (admin only)

Other

  • GET /api/v1/categories - Get all product categories
  • GET /api/v1/search - Search products with filters
  • GET /api/v1/stats - Get dashboard statistics (requires auth)
  • GET /api/v1/health - Health check endpoint
  • GET /api-docs - Interactive API documentation (Swagger UI)

πŸ” Security Features

  • JWT authentication with expiration
  • Role-based access control (admin/user)
  • Rate limiting to prevent abuse
  • Input validation using Joi
  • Helmet security headers
  • Password hashing with bcrypt
  • SQL injection prevention through parameterized queries
  • XSS protection with sanitization

📊 Frontend Dashboard

The API includes a dashboard interface accessible at the root URL (/) for managing products, users, orders, and payments. The dashboard supports:

  • Product management with add/delete functionality
  • Order tracking with status updates
  • Payment processing and history
  • Dashboard statistics with charts
  • Responsive design with mobile support

πŸ—„οΈ Database Structure

The application uses SQLite with the following tables:

  • products: Stores product information
  • users: Stores user information with roles and hashed passwords
  • orders: Stores order information with status tracking
  • payments: Stores payment information
  • cart: Stores user shopping cart items

🤝 Contributing

We welcome contributions! Please see our Contributing Guide for more details.

  1. Fork the repository
  2. Create a feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes (git commit -m 'Add some amazing feature')
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

πŸ› Issues

If you encounter any issues, please open an issue on the GitHub repository.

πŸ›‘οΈ Security

For security concerns, please read our Security Policy.

βš–οΈ Code of Conduct

Please read our Code of Conduct before contributing or participating in the community.


📞 Support

If you have questions or need help, feel free to reach out:

⭐ If you found this project helpful, please give it a star!
