Technology used: Node.js, Express, MongoDB, Mongoose, JWT, Heroku.
This repository represents backend side of my amazon clone project. You can read API documentation from the link below.
https://documenter.getpostman.com/view/18687061/2s7YmxgitW
All API features are written in the documentation link above. This section will explain security feature that are not written in API documentation.
- Route protection for APIs that need authorization.
- Hashing and salting password.
- Create token using JWT.
- Set secure request headers.
- Sanitize input from user to prevent XSS.
- Sanitize data using mongoSanitize.
- Prevent HPP.