Rizwan Khan

Posted on 9 August 2020

Ecommerce Back End Express Server Rest API

Hi Everyone,

I have started creating an ecommerce MERN Stack Project on youtube, you can find link of youtube playlist below

https://www.youtube.com/playlist?list=PLB_Wd4-5SGAYsxD4JGaVdXll3PnoyI-AM

Here I am sharing my day to day video code for the people who is looking for Source code

Lets start with backend Rest Api Code

I hope you are familiar with npm init command

lets continue with server code

src/index.server.js

const express = require('express');
const env = require('dotenv');
const app = express();
const bodyParser = require('body-parser');
const mongoose = require('mongoose');

//routes
const authRoutes = require('./routes/auth');
const adminRoutes = require('./routes/admin/auth');

//environment variable or you can say constants
env.config();

// mongodb connection
//mongodb+srv://root:<password>@cluster0.8pl1w.mongodb.net/<dbname>?retryWrites=true&w=majority
mongoose.connect(
    `mongodb+srv://${process.env.MONGO_DB_USER}:${process.env.MONGO_DB_PASSWORD}@cluster0.8pl1w.mongodb.net/${process.env.MONGO_DB_DATABASE}?retryWrites=true&w=majority`, 
    {
        useNewUrlParser: true, 
        useUnifiedTopology: true,
        useCreateIndex: true
    }
).then(() => {
    console.log('Database connected');
});

app.use(bodyParser());
app.use('/api', authRoutes);
app.use('/api', adminRoutes);

app.listen(process.env.PORT, () => {
    console.log(`Server is running on port ${process.env.PORT}`);
});

const express = require('express');
const env = require('dotenv');
const app = express();
const bodyParser = require('body-parser');
const mongoose = require('mongoose');

//routes
const authRoutes = require('./routes/auth');
const adminRoutes = require('./routes/admin/auth');

//environment variable or you can say constants
env.config();

// mongodb connection
//mongodb+srv://root:<password>@cluster0.8pl1w.mongodb.net/<dbname>?retryWrites=true&w=majority
mongoose.connect(
    `mongodb+srv://${process.env.MONGO_DB_USER}:${process.env.MONGO_DB_PASSWORD}@cluster0.8pl1w.mongodb.net/${process.env.MONGO_DB_DATABASE}?retryWrites=true&w=majority`, 
    {
        useNewUrlParser: true, 
        useUnifiedTopology: true,
        useCreateIndex: true
    }
).then(() => {
    console.log('Database connected');
});

app.use(bodyParser());
app.use('/api', authRoutes);
app.use('/api', adminRoutes);

app.listen(process.env.PORT, () => {
    console.log(`Server is running on port ${process.env.PORT}`);
});

src/models/user.js

const mongoose = require('mongoose');
const bcrypt = require('bcrypt');

const userSchema = new mongoose.Schema({
    firstName: {
        type: String,
        required: true,
        trim: true,
        min: 3,
        max: 20
    },
    lastName: {
        type: String,
        required: true,
        trim: true,
        min: 3,
        max: 20
    },
    username: {
        type: String,
        required: true,
        trim: true,
        unique: true,
        index: true,
        lowercase: true
    },
    email: {
        type: String,
        required: true,
        trim: true,
        unique: true,
        lowercase: true
    },
    hash_password: {
        type: String,
        required: true
    },
    role: {
        type: String,
        enum: ['user', 'admin'],
        default:'user'
    },
    contactNumber: { type: String },
    pofilePicture: { type: String }
}, { timestamps: true });


userSchema.virtual('password')
.set(function(password){
    this.hash_password = bcrypt.hashSync(password, 10);
});

userSchema.virtual('fullName')
.get(function(){
    return `${this.firstName} ${this.lastName}`;
});

userSchema.methods = {
    authenticate: function(password){
        return bcrypt.compareSync(password, this.hash_password);
    }
}


module.exports = mongoose.model('User', userSchema);

const mongoose = require('mongoose');
const bcrypt = require('bcrypt');

const userSchema = new mongoose.Schema({
    firstName: {
        type: String,
        required: true,
        trim: true,
        min: 3,
        max: 20
    },
    lastName: {
        type: String,
        required: true,
        trim: true,
        min: 3,
        max: 20
    },
    username: {
        type: String,
        required: true,
        trim: true,
        unique: true,
        index: true,
        lowercase: true
    },
    email: {
        type: String,
        required: true,
        trim: true,
        unique: true,
        lowercase: true
    },
    hash_password: {
        type: String,
        required: true
    },
    role: {
        type: String,
        enum: ['user', 'admin'],
        default:'user'
    },
    contactNumber: { type: String },
    pofilePicture: { type: String }
}, { timestamps: true });


userSchema.virtual('password')
.set(function(password){
    this.hash_password = bcrypt.hashSync(password, 10);
});

userSchema.virtual('fullName')
.get(function(){
    return `${this.firstName} ${this.lastName}`;
});

userSchema.methods = {
    authenticate: function(password){
        return bcrypt.compareSync(password, this.hash_password);
    }
}


module.exports = mongoose.model('User', userSchema);

src/routes/auth.js

const express = require('express');
const { signup, signin, requireSignin } = require('../controller/auth');
const router = express.Router();


router.post('/signup', signup);
router.post('/signin', signin);


// router.post('/profile', requireSignin, (req, res) => {
//     res.status(200).json({ user: 'profile' })
// });

module.exports = router;

const express = require('express');
const { signup, signin, requireSignin } = require('../controller/auth');
const router = express.Router();


router.post('/signup', signup);
router.post('/signin', signin);


// router.post('/profile', requireSignin, (req, res) => {
//     res.status(200).json({ user: 'profile' })
// });

module.exports = router;

src/routes/admin/auth.js

const express = require('express');
const { signup, signin, requireSignin } = require('../../controller/admin/auth');
const router = express.Router();


router.post('/admin/signup', signup);
router.post('/admin/signin', signin);


module.exports = router;

const express = require('express');
const { signup, signin, requireSignin } = require('../../controller/admin/auth');
const router = express.Router();


router.post('/admin/signup', signup);
router.post('/admin/signin', signin);


module.exports = router;

src/controller/auth.js

const User = require('../models/user');
const jwt = require('jsonwebtoken');

exports.signup = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(user) return res.status(400).json({
            message: 'User already registered'
        });

        const {
            firstName,
            lastName,
            email,
            password
        } = req.body;
        const _user = new User({ 
            firstName, 
            lastName, 
            email, 
            password,
            username: Math.random().toString()
        });

        _user.save((error, data) => {
            if(error){
                return res.status(400).json({
                    message: 'Something went wrong'
                });
            }

            if(data){
                return res.status(201).json({
                    message: 'User created Successfully..!'
                })
            }
        });



    });
}

exports.signin = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(error) return res.status(400).json({ error });
        if(user){

            if(user.authenticate(req.body.password)){
                const token = jwt.sign({_id: user._id}, process.env.JWT_SECRET, { expiresIn: '1h' });
                const { _id, firstName, lastName, email, role, fullName } = user;
                res.status(200).json({
                    token,
                    user: {_id, firstName, lastName, email, role, fullName}
                });
            }else{
                return res.status(400).json({
                    message: 'Invalid Password'
                })
            }

        }else{
            return res.status(400).json({message: 'Something went wrong'});
        }
    });
}

exports.requireSignin = (req, res, next) => {
    const token = req.headers.authorization.split(" ")[1];
    const user = jwt.verify(token, process.env.JWT_SECRET);
    req.user = user;
    next();
    //jwt.decode()
}

const User = require('../models/user');
const jwt = require('jsonwebtoken');

exports.signup = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(user) return res.status(400).json({
            message: 'User already registered'
        });

        const {
            firstName,
            lastName,
            email,
            password
        } = req.body;
        const _user = new User({ 
            firstName, 
            lastName, 
            email, 
            password,
            username: Math.random().toString()
        });

        _user.save((error, data) => {
            if(error){
                return res.status(400).json({
                    message: 'Something went wrong'
                });
            }

            if(data){
                return res.status(201).json({
                    message: 'User created Successfully..!'
                })
            }
        });



    });
}

exports.signin = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(error) return res.status(400).json({ error });
        if(user){

            if(user.authenticate(req.body.password)){
                const token = jwt.sign({_id: user._id}, process.env.JWT_SECRET, { expiresIn: '1h' });
                const { _id, firstName, lastName, email, role, fullName } = user;
                res.status(200).json({
                    token,
                    user: {_id, firstName, lastName, email, role, fullName}
                });
            }else{
                return res.status(400).json({
                    message: 'Invalid Password'
                })
            }

        }else{
            return res.status(400).json({message: 'Something went wrong'});
        }
    });
}

exports.requireSignin = (req, res, next) => {
    const token = req.headers.authorization.split(" ")[1];
    const user = jwt.verify(token, process.env.JWT_SECRET);
    req.user = user;
    next();
    //jwt.decode()
}

src/controller/admin/auth.js

const User = require('../../models/user');
const jwt = require('jsonwebtoken');

exports.signup = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(user) return res.status(400).json({
            message: 'Admin already registered'
        });

        const {
            firstName,
            lastName,
            email,
            password
        } = req.body;
        const _user = new User({ 
            firstName, 
            lastName, 
            email, 
            password,
            username: Math.random().toString(),
            role: 'admin'
        });

        _user.save((error, data) => {
            if(error){
                return res.status(400).json({
                    message: 'Something went wrong'
                });
            }

            if(data){
                return res.status(201).json({
                    message: 'Admin created Successfully..!'
                })
            }
        });



    });
}

exports.signin = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(error) return res.status(400).json({ error });
        if(user){

            if(user.authenticate(req.body.password) && user.role === 'admin'){
                const token = jwt.sign({_id: user._id}, process.env.JWT_SECRET, { expiresIn: '1h' });
                const { _id, firstName, lastName, email, role, fullName } = user;
                res.status(200).json({
                    token,
                    user: {_id, firstName, lastName, email, role, fullName}
                });
            }else{
                return res.status(400).json({
                    message: 'Invalid Password'
                })
            }

        }else{
            return res.status(400).json({message: 'Something went wrong'});
        }
    });
}

exports.requireSignin = (req, res, next) => {
    const token = req.headers.authorization.split(" ")[1];
    const user = jwt.verify(token, process.env.JWT_SECRET);
    req.user = user;
    next();
    //jwt.decode()
}

const User = require('../../models/user');
const jwt = require('jsonwebtoken');

exports.signup = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(user) return res.status(400).json({
            message: 'Admin already registered'
        });

        const {
            firstName,
            lastName,
            email,
            password
        } = req.body;
        const _user = new User({ 
            firstName, 
            lastName, 
            email, 
            password,
            username: Math.random().toString(),
            role: 'admin'
        });

        _user.save((error, data) => {
            if(error){
                return res.status(400).json({
                    message: 'Something went wrong'
                });
            }

            if(data){
                return res.status(201).json({
                    message: 'Admin created Successfully..!'
                })
            }
        });



    });
}

exports.signin = (req, res) => {
    User.findOne({ email: req.body.email })
    .exec((error, user) => {
        if(error) return res.status(400).json({ error });
        if(user){

            if(user.authenticate(req.body.password) && user.role === 'admin'){
                const token = jwt.sign({_id: user._id}, process.env.JWT_SECRET, { expiresIn: '1h' });
                const { _id, firstName, lastName, email, role, fullName } = user;
                res.status(200).json({
                    token,
                    user: {_id, firstName, lastName, email, role, fullName}
                });
            }else{
                return res.status(400).json({
                    message: 'Invalid Password'
                })
            }

        }else{
            return res.status(400).json({message: 'Something went wrong'});
        }
    });
}

exports.requireSignin = (req, res, next) => {
    const token = req.headers.authorization.split(" ")[1];
    const user = jwt.verify(token, process.env.JWT_SECRET);
    req.user = user;
    next();
    //jwt.decode()
}

Time to time i will update this page and plz do like this page and subscribe our youtube channel

Rizwan Khan

India

Coding is an art and I love art

Explore more similar Post

8 Comments

Abhishek Jaiswal

22 July at 1:38

i have one problem in signup and signin , the same code in my laptop, doesn't run , its gives output message:something went wronng" instead of giving user created successfully

Gopal Saw

6 October 2021

I have one problem with express validator with multipart-data , first middleware put validator not validate data, in case of first middleware put upload image and then validator then work. I want to put first all user request data validate and then file upload. (localFileUpload.single('profilePicture'),validateSignUpRequest,isRequestValidated,authController.register) This is work but validateSignUpRequest,isRequestValidated,localFileUpload.single('profilePicture'),authController.register not validate request. Please replay this issues and how to resolved it.

Rizwan Khan

8 October 2021

Are you trying to upload image while doing signup

H057 Kuldeep Sahu

25 June 2021

response not getting in Flipkart-series in getProductPage not given response. please help its show panding and network error.

Nabin Joshi

28 August 2020

I have a question in admin and user api what if the same person is admin and user if the person is registered as the user it cannot override to be an admin because email is same and we are using synchronous hasing and comparing in user model if we are using synchronous bcrypt in server does it gets any problem and also in mongodb the data comes from the server. any suggestion

Rizwan Khan

28 August 2020

Hi Nabin, As per the idea of this system you need to have two different email address one for user and one for admin and your second question about using sync function on server so it depends on the processing power of the server and yes it will block other services if processing power is slow, so my advice is to use async function and i will also update this code

Nabin Joshi

29 August 2020

thank you

tuanvu ngo

10 September 2020

so it is impossible to have a person who is both admin and user, right ?

Rizwan Khan

10 September 2020

Yes for this application

Shiva Siva

9 August 2020

iam a btech learning student can anyone please tell me

Rizwan Khan

9 August 2020

I think i have given all possible answers to your queries

Shiva Siva

9 August 2020

thank you sir ( or) bro

Shiva Siva

9 August 2020

and how they will get the same updated price in their website within no time

Rizwan Khan

9 August 2020

if you refresh page you will get new data from apis

Shiva Siva

9 August 2020

bro iam having one doubt how affiliate websites get the price update from various websites like (eg:amazon,flipkart,etc)

Rizwan Khan

9 August 2020

I am not sure about how affiliate websites work but for sure they have some public apis for product and their price so whoever will use those apis they can get updated prices

Shiva Siva

9 August 2020

whats this code bro

Rizwan Khan

9 August 2020

Hi Shiva, This is source code of current web development project series. Its an Ecommerce Project