Overview
DAF Backend is a robust Express.js-based REST API that powers both Point of Sale (POS) and E-commerce (ECOM) systems. The API implements a unique dual-database architecture with credential-based connection pooling, providing secure and isolated data management for retail and online sales operations.
POS System
Manage in-store operations including inventory, invoices, clients, suppliers, and transactions
E-commerce
Handle online shopping cart, product catalog, payments, and customer authentication
Secure Authentication
JWT-based authentication with database credentials embedded in tokens
PostgreSQL Powered
Two separate PostgreSQL databases with connection pooling and credential-based access
Key features
The DAF Backend API provides enterprise-grade features for retail and e-commerce management:
Dual-system architecture
The API operates two independent systems:
- POS System: Complete retail management with products, raw materials, suppliers, clients, invoices, and inventory tracking
- E-commerce System: Online shopping functionality with cart management, product browsing, and payment processing
Secure credential-based connections
Unlike traditional APIs with a single database user, DAF Backend uses a unique approach:
- Each authenticated user’s database credentials are embedded in their JWT token
- Database connections are created per-request using the user’s actual credentials
- This provides database-level security and audit trails
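The page does not say whether the credentials claim is encrypted. In a standard signed JWT the payload is only base64url-encoded, so this added example (not DAF Backend's own code) shows a database password in a signed token being read without any key, next to a variant that seals the credentials with AES-256-GCM before embedding them. The key names, the `db` claim and the credentials are assumptions constructed for illustration.

```javascript
// Added example: constructed keys and credentials, Node.js built-ins only.
const crypto = require("node:crypto");

const b64u = (v) => Buffer.from(v).toString("base64url");
const SIGNING_KEY = crypto.randomBytes(32); // hypothetical HS256 signing key
const CLAIM_KEY = crypto.randomBytes(32);   // hypothetical server-only AES-256-GCM key

// Sign a compact HS256 JWT (JWS): header.payload.signature
function signJwt(payload) {
  const head = b64u(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64u(JSON.stringify(payload));
  const sig = crypto.createHmac("sha256", SIGNING_KEY).update(`${head}.${body}`).digest("base64url");
  return `${head}.${body}.${sig}`;
}

// Verify the signature in constant time and return the payload, or throw.
function verifyJwt(token) {
  const [head, body, sig] = token.split(".");
  const expected = crypto.createHmac("sha256", SIGNING_KEY).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig || "", "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) throw new Error("bad signature");
  return JSON.parse(Buffer.from(body, "base64url").toString("utf8"));
}

// What any holder of the token can read with no key at all.
function readWithoutKey(token) {
  return JSON.parse(Buffer.from(token.split(".")[1], "base64url").toString("utf8"));
}

// Encrypt the credentials into one opaque claim: iv.tag.ciphertext
function sealCreds(creds) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv("aes-256-gcm", CLAIM_KEY, iv);
  const ct = Buffer.concat([c.update(JSON.stringify(creds), "utf8"), c.final()]);
  return [iv, c.getAuthTag(), ct].map(b64u).join(".");
}

// Server side, per request: recover the connection settings from the claim.
function openCreds(sealed) {
  const [iv, tag, ct] = sealed.split(".").map((p) => Buffer.from(p, "base64url"));
  const d = crypto.createDecipheriv("aes-256-gcm", CLAIM_KEY, iv);
  d.setAuthTag(tag);
  return JSON.parse(Buffer.concat([d.update(ct), d.final()]).toString("utf8"));
}

const creds = { user: "cajero01", password: "constructed-not-real" }; // constructed
const plainToken = signJwt({ sub: "42", db: creds });            // password readable by any holder
const sealedToken = signJwt({ sub: "42", db: sealCreds(creds) }); // password opaque to the client
```

Sealing the claim keeps the password out of logs, proxies and browser storage, but the token still grants database access to whoever holds it, so short expiry and key rotation remain necessary.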
Rich validation layer
The API uses multiple validation libraries:
- Zod: Schema validation for e-commerce endpoints
- Joi: Custom validation for POS endpoints
- Custom DTOs: Business logic validation for complex entities
File upload support
Product images are handled through:
- Multer middleware for multipart form data
- Disk storage with unique filename generation
- Image serving through Express static middleware
Technology stack
The DAF Backend is built with modern, production-ready technologies:
Core technologies
- Express.js 5.2: Modern Node.js web framework
- PostgreSQL: Enterprise-grade relational database
- pg (node-postgres): Connection pooling and query execution
- JWT: Secure token-based authentication
- Multer: Multipart form data and file uploads
- Zod & Joi: Schema validation libraries
Who should use this documentation
This documentation is designed for:
API structure
The API is organized into two main namespaces:
POS endpoints
All POS endpoints are prefixed with /api/pos/:
- /api/pos/auth - Authentication and access control
- /api/pos/cliente - Client management
- /api/pos/producto - Product catalog
- /api/pos/factura - Invoice generation
- /api/pos/proveedor - Supplier management
- /api/pos/materiaprima - Raw materials inventory
- /api/pos/kardex* - Inventory movement tracking
- /api/pos/ordencompra - Purchase orders
E-commerce endpoints
All e-commerce endpoints are prefixed with /api/ecom/:
- /api/ecom/auth - User registration and login
- /api/ecom/producto - Product browsing
- /api/ecom/carrito - Shopping cart operations
- /api/ecom/pagos - Payment processing
- /api/ecom/ciudad - City/location data
Both systems use JWT authentication, but with different token structures and database connections.
Next steps
Quickstart
Get the API running locally in minutes
Authentication
Learn how JWT authentication works in DAF Backend
Architecture
Understand the dual-system architecture
Database
Explore database configuration and connection pooling