Example API showing my Backend Skills. Uses Express & Prisma ORM & TypeScript
- Node.js >= 20.0.0
- npm >= 9.0.0
- OpenSSL - for self-signed certificates for HTTPS
- git
└── 📁api
│ ├── 📁certificates # SSL certificates (cert.crt, key.key, etc.)
│ ├── 📁logs # Application logs
│ ├── 📁prisma # Prisma ORM files (schema, migrations, seed)
│ ├── 📁public # Static files (HTML, CSS, JS)
│ ├── 📁src # Source code
│ │ ├── 📁REST # REST API logic
│ │ │ ├── 📁controllers # API controllers (business logic)
│ │ │ ├── 📁helpers # Helper classes (e.g., HttpError)
│ │ │ ├── 📁middlewares # Express middlewares (auth, validation, etc.)
│ │ │ ├── 📁repositories # Data access layer (DB queries)
│ │ │ ├── 📁routes # Route definitions
│ │ │ └── 📁services # Business logic/services
│ │ │     └── 📁auth # Auth-related services
│ │ │         ├── 📁passport # Passport.js logic
│ │ │         └── 📁strategies # Auth strategies (Google, classic)
│ │ ├── 📁utils # Utilities and shared modules
│ │ │ ├── 📁config # App configs and logger
│ │ │ ├── 📁decorators # Custom TypeScript decorators
│ │ │ ├── 📁env # Environment and certificate management
│ │ │ ├── 📁infrastructure # Server, middleware, and Prisma setup
│ │ │ ├── 📁others # Miscellaneous helpers/type guards
│ │ │ └── 📁security # Security utilities
│ │ └── 📁WebSocket # WebSocket logic
│ ├── 📁types # TypeScript type definitions
│ │ ├── 📁express # Express type extensions
│ │ ├── 📁global # Global types
│ │ └── 📁ssl # SSL-related types
│ ├── .env.template # Environment variable template
│ ├── .gitignore # Git ignore rules
│ ├── jest.config.js # Jest test configuration
│ ├── package-lock.json # npm lockfile
│ ├── package.json # Project dependencies and scripts
│ ├── tsconfig.json # TypeScript configuration
└── README.md # Project documentation
- Clone the repository
  git clone <repo-link.git>
  cd <repo-folder>
- Install dependencies
  npm install
- Build the project
  npm run build
- Start the API (development mode)
  npm run start:dev
- Start the API (production/compiled)
  npm start
- Base URLs:
  - HTTP: http://localhost:8080/api
  - HTTPS: https://localhost:8081/api (Ports are set in .env; HTTPS port = HTTP port + 1)
- Uses JWT (JSON Web Tokens) with Bearer tokens.
- Include in headers:
  Authorization: Bearer <token>
Authenticate user and receive a JWT.
Request:
{
"login": "johndoe",
"password": "superSecretP@@$word"
}
Response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Register a new user.
Request:
{
"username": "johndoe",
"email": "johndoe@gmail.com",
"password": "superSecretP@@$word"
}
Response:
{
"message": "User registered successfully"
}

Redirect to Google OAuth.
Request:
No body. Open in browser or use HTTP client.
Response:
302 Redirect to Google OAuth.

Google OAuth callback, returns JWT.
Request:
No body. Called by Google after authentication.
Response:
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

Get current user data (requires JWT).
Request:
Header: Authorization: Bearer <token>
Response:
{
"id": 1,
"username": "johndoe",
"email": "johndoe@gmail.com",
"createdAt": "2025-06-18T12:00:00.000Z"
}

Get user by ID.
Request:
GET /api/user/2
Response:
{
"id": 2,
"username": "janedoe",
"email": "janedoe@gmail.com",
"createdAt": "2025-06-18T12:00:00.000Z"
}

Update user data (username, email, password).
Request:
PATCH /api/user/2/change
{
"changes": {
"username": "newUsername",
"email": "newemail@example.com"
}
}
Response:
{
"message": "User updated successfully"
}

Delete user by ID.
Request:
DELETE /api/user/2/delete
Response:
{
"message": "User deleted successfully"
}

Create a new post.
Request:
{
"title": "Hello World!",
"content": "This is an example post",
"published": false
}
Response:
{
"id": 1,
"title": "Hello World!",
"content": "This is an example post",
"published": false,
"authorId": 1,
"createdAt": "2025-06-18T12:00:00.000Z"
}

Get all posts.
Request:
GET /api/post
Response:
[
{
"id": 1,
"title": "Hello World!",
"content": "This is an example post",
"published": true,
"authorId": 1,
"createdAt": "2025-06-18T12:00:00.000Z"
}
]

Get post by ID.
Request:
GET /api/post/1
Response:
{
"id": 1,
"title": "Hello World!",
"content": "This is an example post",
"published": true,
"authorId": 1,
"createdAt": "2025-06-18T12:00:00.000Z"
}

Update post visibility or content.
Request:
PUT /api/post/1
{
"published": true,
"title": "Updated Title"
}
Response:
{
"message": "Post updated successfully"
}

Delete post by ID.
Request:
DELETE /api/post/1
Response:
{
"message": "Post deleted successfully"
}

Create a new comment.
Request:
{
"postId": 1,
"content": "This is a comment"
}
Response:
{
"id": 1,
"postId": 1,
"userId": 1,
"content": "This is a comment",
"createdAt": "2025-06-18T12:00:00.000Z"
}

Get comment by ID.
Request:
GET /api/comment/1
Response:
{
"id": 1,
"postId": 1,
"userId": 1,
"content": "This is a comment",
"createdAt": "2025-06-18T12:00:00.000Z"
}

Get all comments for a post.
Request:
GET /api/comment/post/1
Response:
[
{
"id": 1,
"postId": 1,
"userId": 1,
"content": "This is a comment",
"createdAt": "2025-06-18T12:00:00.000Z"
}
]

Update comment content.
Request:
PUT /api/comment/1
{
"content": "Updated comment"
}
Response:
{
"message": "Comment updated successfully"
}

Delete comment by ID.
Request:
DELETE /api/comment/1
Response:
{
"message": "Comment deleted successfully"
}

Get all wishlists for the current user.
Request:
GET /api/wishlist
Response:
[
{
"id": 1,
"name": "My Wishlist",
"userId": 1,
"posts": [1, 2]
}
]

Create a new wishlist.
Request:
{
"name": "My Wishlist"
}
Response:
{
"id": 1,
"name": "My Wishlist",
"userId": 1,
"posts": []
}

Get wishlist by ID.
Request:
GET /api/wishlist/1
Response:
{
"id": 1,
"name": "My Wishlist",
"userId": 1,
"posts": [1, 2]
}

Update wishlist by ID.
Request:
PUT /api/wishlist/1
{
"name": "Updated Wishlist Name"
}
Response:
{
"message": "Wishlist updated successfully"
}

Delete wishlist by ID.
Request:
DELETE /api/wishlist/1
Response:
{
"message": "Wishlist deleted successfully"
}

Add a post to a wishlist.
Request:
{
"postId": 123
}
Response:
{
"message": "Post added to wishlist"
}

Remove a post from a wishlist.
Request:
{
"postId": 123
}
Response:
{
"message": "Post removed from wishlist"
}

- Generate JWT Secret:
  node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
- Generate SSL Certificate (OpenSSL):
  openssl req -nodes -x509 -keyout key.key -out cert.crt
- See public/index.html for a simple API test page