Overview
The E-commerce API is a production-ready REST API built with Node.js, Express, TypeScript, and Prisma ORM. It provides a complete backend solution for e-commerce applications with robust authentication, product management, shopping cart functionality, and order processing.
Quick Start
Get up and running in minutes with our step-by-step guide
API Reference
Explore all available endpoints and their parameters
Installation
Complete setup guide for development and production
Authentication
Learn about JWT-based authentication and authorization
Key Features
Authentication & Authorization
- JWT-based authentication with secure token generation
- Role-based access control (customer/admin roles)
- Rate limiting on auth endpoints (10 requests per 15 minutes)
- Password hashing with bcrypt
- User registration, login, and profile management
Product Management
- Full CRUD operations for products
- Image upload support with Cloudinary integration
- Product categorization
- Stock tracking and inventory management
- Search and filtering capabilities
- Public read access, admin-only write access
Shopping Cart
- User-specific cart management
- Add, update, and remove items
- Automatic quantity validation
- Cart persistence across sessions
- Real-time total calculations
Order Processing
- Create orders from cart contents
- Order history tracking
- Order status management (pending, shipped, delivered, cancelled)
- Price snapshots at purchase time
- User-specific order queries
Security Features
- Helmet.js for HTTP security headers
- CORS configuration with credential support
- Rate limiting on sensitive endpoints
- File upload restrictions (5MB max, safe filenames)
- Input validation with class-validator
- SQL injection protection via Prisma ORM
Tech Stack
Runtime
Node.js with TypeScript
Framework
Express.js 5.x
Database
MySQL 8.4 with Prisma ORM
Authentication
JWT (jsonwebtoken)
Architecture
The API follows a layered architecture pattern:
- Routes: Define API endpoints and apply middleware
- Middleware: Handle authentication, validation, and error handling
- Controllers: Process HTTP requests and responses
- Services: Implement business logic
- Repositories: Abstract database operations
- Prisma Client: Type-safe database queries
API Structure
The API is organized into the following main modules:
| Module | Base Path | Description |
|---|---|---|
| Authentication | /auth | User registration, login, profile management |
| Products | /products | Product catalog management |
| Categories | /categories | Product category organization |
| Cart | /cart | Shopping cart operations |
| Orders | /orders | Order creation and history |
Data Models
The API uses the following core data models:
User
- id: Integer (auto-increment)
- name: String
- email: String (unique)
- passwordHash: String (bcrypt hashed)
- role: Enum (customer, admin)
- Relations: cart, orders
Product
- id: Integer (auto-increment)
- name: String (indexed)
- description: String (optional)
- price: Decimal (10,2)
- imageUrl: String
- stock: Integer
- categoryId: Integer (optional)
- Relations: category, cartItems, orderItems
Cart & CartItem
- One-to-one relationship with User
- CartItems track product quantity in cart
- Automatic cascade deletion
Order & OrderItem
- Order status tracking (pending, shipped, delivered, cancelled)
- OrderItems capture price at purchase time
- Indexed by userId and status
Response Format
All API responses follow consistent patterns:
Success Response:
All timestamps are in ISO 8601 format (UTC timezone).
Rate Limits
Other endpoints currently have no rate limits, but limits may be added in future versions.
Getting Help
If you need assistance:
- Check the Quick Start Guide for common setup issues
- Review the API Reference for endpoint details
- Examine the Installation Guide for environment configuration
Next Steps
Install the API
Follow the Installation Guide to set up your development environment
Try the Quick Start
Complete the Quick Start Tutorial to make your first API calls
Explore the API
Browse the API Reference to discover all available endpoints