RESTful API for MERN Store e-commerce platform with JWT authentication, role-based access control, and MongoDB database.
- JWT authentication and authorization
- User management (CRUD operations)
- Product management
- Order processing and tracking
- Role-based access control (Admin/User)
- CORS enabled for frontend integration
- MongoDB Atlas cloud database
- Deployed on Vercel serverless functions
- Node.js - Runtime environment
- Express.js - Web framework
- MongoDB Atlas - Cloud database
- Mongoose - ODM for MongoDB
- JWT (jsonwebtoken) - Authentication
- Bcrypt - Password hashing
- CORS - Cross-origin resource sharing
- Node.js (v18 or higher)
- npm or yarn
- MongoDB Atlas account (or local MongoDB)
```
git clone https://github.com/kinshukkush/mern-backend-main.git
cd mern-backend-main
npm install
```
Create a .env file in the root directory:
```
# MongoDB Configuration
MONGODB_URI=mongodb+srv://username:password@cluster.mongodb.net/database?retryWrites=true&w=majority
# Server Configuration
PORT=8080
# JWT Secret (use a strong, random string)
JWT_SECRET=your_secure_jwt_secret_key_here
# Environment
NODE_ENV=development
```
Important: Replace the MongoDB URI with your actual connection string from MongoDB Atlas.
```
# Start with Node
node server.js
# Or with nodemon (for development)
nodemon server.js
```
The API will be available at: http://localhost:8080
You should see:
```
MongoDB connected successfully!
Server running at http://localhost:8080
```
```
├── controllers/              # Route controllers
│   ├── orderController.js    # Order operations
│   ├── productController.js  # Product operations
│   └── userController.js     # User operations
├── middlewares/              # Custom middleware
│   └── auth.js               # Authentication & authorization
├── models/                   # Mongoose schemas
│   ├── orderModel.js         # Order schema
│   ├── productModel.js       # Product schema
│   └── userModel.js          # User schema
├── routes/                   # API routes
│   ├── orderRoute.js         # Order routes
│   ├── productRoute.js       # Product routes
│   └── userRoute.js          # User routes
├── public/                   # Static files
├── server.js                 # Main server file
├── vercel.json               # Vercel deployment config
└── .env                      # Environment variables (not in git)
```
http://localhost:8080/api
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| POST | /users/register | Register new user | No |
| POST | /users/login | User login | No |
Example Request (Login):
```
POST /api/users/login
{
  "email": "user@example.com",
  "password": "password123"
}
```

| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| GET | /users | Get all users | Admin |
| GET | /users/:id | Get user by ID | Yes |
| GET | /users/:id/profile | Get user profile | Yes |
| PATCH | /users/:id/profile | Update profile | Yes |
| DELETE | /users/:id | Delete user | Admin |
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| GET | /products/all | Get all products (public) | No |
| GET | /products | Get products (paginated) | Admin |
| GET | /products/:id | Get product by ID | No |
| POST | /products | Create product | Admin |
| PATCH | /products/:id | Update product | Admin |
| DELETE | /products/:id | Delete product | Admin |
| Method | Endpoint | Description | Auth Required |
|---|---|---|---|
| POST | /orders | Create new order | Yes |
| GET | /orders | Get all orders | Admin |
| GET | /orders/:email | Get orders by user email | Yes |
| GET | /orders/:id | Get order by ID | Yes |
| PATCH | /orders/:id | Update order status | Admin |
| DELETE | /orders/:id | Delete order | Admin |
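
As listed, GET /orders/:email and GET /orders/:id are the same pattern to Express, so whichever route is registered first receives every request. An added example (not the project's orderController.js) of one handler that tells the two apart and checks ownership; the order field email, the token claims email and role, and the function names are assumptions, and the sample orders are constructed.

```javascript
// Added example: constructed data; field and claim names are assumptions.
const OBJECT_ID = /^[0-9a-f]{24}$/i;
const EMAIL = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;

// Constructed sample orders standing in for the orders collection.
const ORDERS = [
  { _id: "64b0a1c2d3e4f5a6b7c8d901", email: "alice@example.com", status: "pending" },
  { _id: "64b0a1c2d3e4f5a6b7c8d902", email: "bob@example.com", status: "shipped" },
];

// Both routes reduce to "/orders/:param", so the handler has to decide
// what the path segment actually is.
function classifyOrderKey(key) {
  if (OBJECT_ID.test(key)) return "id";
  if (EMAIL.test(key)) return "email";
  return null;
}

// Returns { status, body }. `user` is the payload of an already verified token.
function getOrders(user, key, orders = ORDERS) {
  const kind = classifyOrderKey(key);
  if (!kind) return { status: 400, body: { message: "Invalid order key" } };
  const isAdmin = user.role === "admin";
  const wanted = key.toLowerCase();
  if (kind === "email") {
    // Ownership is known before the query: only the caller's own email, unless admin.
    if (!isAdmin && wanted !== user.email.toLowerCase())
      return { status: 403, body: { message: "Forbidden" } };
    return { status: 200, body: orders.filter((o) => o.email === wanted) };
  }
  // By id the owner is unknown until the order is loaded, so check after the fetch.
  const order = orders.find((o) => o._id === wanted);
  // Same 404 for "missing" and "not yours", so ids cannot be probed for existence.
  if (!order || (!isAdmin && order.email !== user.email.toLowerCase()))
    return { status: 404, body: { message: "Order not found" } };
  return { status: 200, body: order };
}
```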
Protected routes require a JWT in the Authorization header:
Authorization: Bearer <your_jwt_token>
Example:
```
headers: {
  'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...',
  'Content-Type': 'application/json'
}
```
- User - Can view products, create orders, manage own profile
- Admin - Full access to all resources (users, products, orders)
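
The Bearer-token check and the two roles above, as an added example (not the project's middlewares/auth.js): HS256 verification with Node's built-in crypto module, then Express-style guards for the Admin rows and for the Yes rows that take :id. The claim names id, role and exp, the role value admin, and all function names are assumptions.

```javascript
// Added example, not the project's middlewares/auth.js. Claim names (id, role, exp)
// and the role value "admin" are assumptions.
const crypto = require("node:crypto");

const b64url = (s) => Buffer.from(s).toString("base64url");

// Build a compact HS256 JWT; used here to make constructed sample tokens.
function signHS256(payload, secret, header = { alg: "HS256", typ: "JWT" }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.createHmac("sha256", secret).update(input).digest("base64url");
  return `${input}.${sig}`;
}

// Return the claims if signature, algorithm and expiry all check out, else null.
function verifyHS256(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], "base64url").toString());
    if (header.alg !== "HS256") return null; // pin the algorithm, ignore the token's claim
    const expected = crypto.createHmac("sha256", secret).update(`${parts[0]}.${parts[1]}`).digest();
    const given = Buffer.from(parts[2], "base64url");
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = JSON.parse(Buffer.from(parts[1], "base64url").toString());
    if (typeof claims.exp !== "number" || claims.exp <= now) return null;
    return claims;
  } catch {
    return null; // malformed base64 or JSON
  }
}

// 401 when the Bearer token is missing or fails verification.
const authenticate = (secret) => (req, res, next) => {
  const m = /^Bearer (.+)$/.exec(req.headers.authorization || "");
  const claims = m && verifyHS256(m[1], secret);
  if (!claims) return res.status(401).json({ message: "Unauthorized" });
  req.user = claims;
  next();
};

// "Admin" rows: the role is read from the verified token, never from the request body.
const requireAdmin = (req, res, next) =>
  req.user.role === "admin" ? next() : res.status(403).json({ message: "Forbidden" });

// "Yes" rows with :id: users reach only their own record, admins reach any.
const requireSelfOrAdmin = (req, res, next) =>
  req.user.role === "admin" || req.user.id === req.params.id
    ? next() : res.status(403).json({ message: "Forbidden" });
```

Chained as authenticate(process.env.JWT_SECRET) followed by one of the two guards, this keeps a valid user token from reading another user's /users/:id.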
| Variable | Description | Required |
|---|---|---|
| MONGODB_URI | MongoDB connection string | Yes |
| JWT_SECRET | Secret key for JWT signing | Yes |
| PORT | Server port | No (default: 8080) |
| NODE_ENV | Environment mode | No (default: development) |
- Push your code to GitHub
- Import the project in Vercel
- Set environment variables in Vercel dashboard:
  - MONGODB_URI
  - JWT_SECRET
  - NODE_ENV=production
  - PORT=8080
- Deploy
Live API: https://mern-backend-main-zeta.vercel.app/
The API allows requests from:
- http://localhost:5174 (Local development)
- https://mern-frontent-main.vercel.app (Production frontend)
Update CORS origins in server.js if your frontend URL changes.
- Frontend: https://github.com/kinshukkush/mern-frontend-main
- Frontend Live: https://mern-frontent-main.vercel.app/
```
# Start server
node server.js
# Start with auto-reload (requires nodemon)
nodemon server.js
# Install dependencies
npm install
```
- Check your MongoDB URI is correct
- Ensure your IP is whitelisted in MongoDB Atlas
- Verify network access settings
```
# Windows
netstat -ano | findstr :8080
taskkill /PID <PID> /F
# Linux/Mac
lsof -ti:8080 | xargs kill -9
```
- Verify frontend URL is in CORS origins
- Check VITE_API_URL in frontend .env
Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create your feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
This project is licensed under the MIT License.
Kinshuk Saxena
- GitHub: @kinshukkush
- Backend Repository: mern-backend-main
- Frontend Repository: mern-frontend-main
- MongoDB team for the excellent database
- Express.js for the minimal web framework
- JWT for secure authentication
Made with ❤️ using Node.js and MERN Stack