- Live Link: todo
- Frontend - Client side
- Admin panel
As a guest user, I can
- View Homepage, Products
- Sign up to be a customer
- Search for products
As an Admin user, I can
- Login
- View & edit profile (first name, last name, email, password)
- CRUD Users
- CRUD roles (only 2 roles: admin, customer)
- CRUD Products
- Logout
As a Customer, I can
- Login
- View & edit profile (first name, last name, email, password)
- Purchase new products if quantity is available.
- Cancel purchase.
- See my purchase history
- Checkout - currently we only have the COD feature.
- Language: Node
- Express
- Database: MongoDB
- To register - POST
/api/user/register
- To login : will get a JWT token - POST
/api/user/login
- To Logout - will logout user/admin - GET
/api/user/logout
- Get list of all users : secured, authorized to admin only - GET
/api/user/all
- Get individual user details : secured, only an authorized admin and the user himself can access it - GET
/api/user/details/{user_id}
- Update user information : secured, only an authorized admin and the user himself can access it - PUT
/api/user/update/{user_id}
- Delete a user : secured, only an authorized admin and the user himself can access it - DELETE
/api/user/delete/{user_id}
- Get all categories - all visitors can access it - GET
/api/category/all?page=1&limit=10
- Get category details - all visitors can access it - GET
/api/category/details/{category_id}
- Add new category : only admin can access it - POST
/api/category/add-new
- Update category : only admin can access it - PUT
/api/category/update/{category_id}
- Delete category : only admin can access it - DELETE
/api/category/delete/{category_id}
- Get all products of a single category - all visitors can access it, it will have pagination - GET
/api/products/all?page=1&limit=10&categoryIds=categoryId1,categoryId2
- Search for products - all visitors can access it, it will have pagination - GET
/api/products/search?page=1&limit=10&query=searchTerm
- Get product details - all visitors can access it - GET
/api/product/details/{product_id}
- Add new product : only authorized admin can access it - POST
/api/product/add-new
- Update product : only authorized admin can access it - PUT
/api/product/update/{product_id}
- Delete product : only authorized admin can access it - DELETE
/api/product/delete/{product_id}
- Purchase product : only authorized users can buy product - POST
/api/order/place-order
- Get all order list : only admin can access it
/api/order/all
- Get order details : only admin can access it
/api/order/details/{order_id}
- Get my order details
/api/order/my-order-details/{order_id}
- Show my order list : it will have pagination - GET
/api/order/my-order-list
- Cancel order : only admin or user himself can access it - PUT
/api/order/delete/{order_id}
- Update order : only authorized admin and user himself can do it - PUT
/api/order/update/{order_id}
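
The access rules in the endpoint list above ("all visitors", "only admin", "only admin and the user himself") can be written as one policy table that is checked before any handler runs. The following is an added example, not code from this project: `POLICY`, `RULES`, `matchRoute` and `authorize` are hypothetical names, only a subset of the routes is listed, and it assumes a JWT middleware has already verified the token and produced `user = { id, role }`.

```javascript
// Added example. Assumption: an earlier JWT middleware has verified the token
// and set user = { id, role } from it (null for guests), never from the body.
const POLICY = [                       // [method, path pattern, rule]
  ['POST',   '/api/user/register',       'public'],
  ['POST',   '/api/user/login',          'public'],
  ['GET',    '/api/user/all',            'admin'],
  ['GET',    '/api/user/details/:id',    'adminOrSelf'],
  ['PUT',    '/api/user/update/:id',     'adminOrSelf'],
  ['DELETE', '/api/user/delete/:id',     'adminOrSelf'],
  ['GET',    '/api/product/details/:id', 'public'],
  ['POST',   '/api/product/add-new',     'admin'],
  ['POST',   '/api/order/place-order',   'authenticated'],
];

const RULES = {
  public: () => true,
  authenticated: (user) => user !== null,
  admin: (user) => user !== null && user.role === 'admin',
  // Compare the id in the URL with the id in the verified token.
  adminOrSelf: (user, params) =>
    user !== null && (user.role === 'admin' || String(user.id) === params.id),
};

// Match '/a/:id' against '/a/42'; returns captured params or null.
function matchRoute(pattern, path) {
  const want = pattern.split('/');
  const got = path.split('/');
  if (want.length !== got.length) return null;
  const params = {};
  for (let i = 0; i < want.length; i++) {
    if (want[i].startsWith(':') && got[i]) params[want[i].slice(1)] = got[i];
    else if (want[i] !== got[i]) return null;
  }
  return params;
}

// Status to answer with before the handler runs: 200 allow, 401 no login,
// 403 logged in but not permitted, 404 route not in the policy (default deny).
function authorize(method, path, user) {
  for (const [m, pattern, rule] of POLICY) {
    const params = m === method ? matchRoute(pattern, path) : null;
    if (!params) continue;
    if (RULES[rule](user, params)) return 200;
    return user === null ? 401 : 403;
  }
  return 404;
}
```

In an Express app this would be called from a middleware with `req.method`, `req.path` and `req.user`. The order routes that depend on who owns an order need a database lookup of the order's owner in addition to this check.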