PRODUCT-STORE-NEST.JS

Nest.js product store API, made with typescript

Table of Contents

1. About the project
2. Built With
3. Roles and permissions
4. Additional feature description
5. Business rules
6. Endpoints
7. Todo
8. License

About The Project

Nest.js application that mock product store backend. It enable users with admin roles to add product details (price, category etc.) and registred and authenticated user to create orders for given products. Further actions are based on metioned roles and permissions. Passport.js is used as middleware and mySQL as primary databsase.

(back to top)

Built With

• Nest.js
• Typescript
• MySQL
• Redis
• Docker
• Passport.js
• TLS
• Typeorm
• Class validator
• Bcrypt

(back to top)

Roles and permissions

Client can

• register an account (need to provide name, login, password and email)
• login to account
• make an order
• change order status
• list own orders
• get product list

Admin can (besides all client and permissions) can:

• add / update products
• add / update categories
• list all clients
• list all orders

(back to top)

Business rules

• Orders can only be made for client
• login and email cannot be duplicated
• password must
• not available product cannot be ordered
• already completed order cannot change status

(back to top)

Endpoints

Client register

POST http://localhost:4000/auth/register
Content-Type: application/json

{
    "login": "login123",
    "password": "$tr0ng_P4$$w0rd",
    "name": "John",
    "surname": "Doe",
    "email": "john.doe@example.com" 
}

RESPONSE: HTTP 201 (Created)
{
    "message": "User created successfully"
}

Login

POST http://localhost:4000/auth/login
Content-Type: application/json

{
    "login": "login123",
    "password": "$tr0ng_P4$$w0rd"
}

RESPONSE: HTTP 200
{
    "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... rest of client JWT",
    "method": "Bearer"
}

Add new product (as a admin)

POST http://localhost:4000/products
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... rest of admin JWT

{
    "name": "Odyssey",
    "description": "Homer Odyssey book",
    "price": 20,
    "categoryName": "BOOK"
}

RESPONSE: HTTP 201 (Created)
{
    "name": "Odyssey",
    "description": "Homer Odyssey book",
    "price": 20,
    "category": {
        "id": 6,
        "categoryName": "BOOK"
    },
    "id": 13,
    "isAvailable": true
}

Get all products

GET http://localhost:4000/products
(no auth required)

[
    {
        "id": 1,
        "name": "Creatine lemon 120g",
        "isAvailable": true,
        "description": "Creatine is a natural substance found in the body. It is produced in the liver, kidneys and pancreas. It is also found in red meat and fish. Creatine is stored in the muscles in the form of phosphocreatine.",
        "price": 20,
        "category": {
            "id": 1,
            "categoryName": "SPORT"
        }
    },
    {
        "id": 2,
        "name": "Nike Air Max 270",
        "isAvailable": true,
        "description": "Nike Air Max 270 is a new silhouette from Nike. It is a combination of the Air Max 180 and Air Max 93. The shoe features a full-length Air unit, a mesh upper, and a synthetic heel counter.",
        "price": 200,
        "category": {
            "id": 2,
            "categoryName": "CLOTHES"
        }
    },
    {
        "id": 3,
        "name": "iPhone 6s",
        "isAvailable": true,
        "description": "iPhone 6s is a smartphone designed, developed, and marketed by Apple Inc. It is the tenth generation of the iPhone.",
        "price": 500,
        "category": {
            "id": 3,
            "categoryName": "ELECTRONIC"
        }
    },
    {
        "id": 4,
        "name": "T-shirt",
        "isAvailable": true,
        "description": "A T-shirt is a style of unisex fabric shirt named after the T shape of its body and sleeves.",
        "price": 20,
        "category": {
            "id": 2,
            "categoryName": "CLOTHES"
        }
    },
  other results...

Add new order

POST http://localhost:4000/orders
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... rest of client JWT

{
    "ProductsIds": [
        1, 4
    ]
}

RESPONSE: HTTP 201 (Created)
{
    "message": "Order created"
}

Of course there is also exception handling for unauthorized/unauthenticated/incorrect data, for example

Client try to get other users info

GET http://localhost:4000/users
Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.... rest of user JWT

RESPONSE: HTTP 401
{
    "statusCode": 401,
    "message": "Unauthorized"
}

Missing field when adding new product

POST http://localhost:4000/products
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9... rest of admin JWT

{
    "name": "Odyssey",
    "description": "Homer Odyssey book",
    "categoryName": "BOOK"
}

RESPONSE: HTTP 400
{
    "statusCode": 400,
    "message": [
        "price must be a positive number"
    ],
    "error": "Bad Request"
}

Product is not available

POST http://localhost:4000/orders
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9... rest of client JWT
{
    "ProductsIds": [
        1, 4
    ]
}

RESPONSE: HTTP 400
{
    "statusCode": 400,
    "message": "Product is not available",
    "error": "Bad Request"
}

(back to top)

License

Distributed under the MIT License. See LICENSE.txt for more information.

(back to top)