A RESTful API for managing online course bookings built with Node.js, Express, and MongoDB. This API provides comprehensive functionality for course management, user authentication, and booking operations.
- π User Authentication & Authorization - Secure JWT-based authentication
- π Course Management - CRUD operations for courses with admin controls
- π Enrollment System - Enroll in courses and manage enrollments
- π₯ User Management - User registration, login, and profile management
- π Role-Based Access Control - Different permissions for admin and regular users
- π Course Archiving - Soft delete functionality for courses
- β Input Validation - Comprehensive request validation
- π‘οΈ Security - Protection against common vulnerabilities
- Runtime: Node.js
- Framework: Express.js
- Database: MongoDB
- Authentication: JSON Web Tokens (JWT)
- Password Hashing: bcrypt
- Environment Variables: dotenv
Before running this project, ensure you have the following installed:
- Clone the repository
git clone https://github.com/deyperfect/Online-Course-Booking-API.git- Install dependencies
npm install- Set up environment variables
Create a .env file in the root directory:
PORT=4000
MONGODB_URI=
JWT_SECRET=
# Add your MongoDB connection string and set your JWT secret key- Start the server
# Development mode
npm run dev
# Production mode
npm startThe API will be available at http://localhost:4000
| Variable | Description | Required |
|---|---|---|
PORT |
Port number for the server | Yes |
MONGODB_URI |
MongoDB connection string | Yes |
JWT_SECRET |
Secret key for JWT signing | Yes |
Complete API documentation is available on Postman:
http://localhost:4000
Most endpoints require authentication. Include the JWT token in the Authorization header:
Authorization: Bearer <your_jwt_token>
POST /users/register- Register a new userPOST /users/login- Login userGET /users/details- Get user details (requires authentication)PATCH /users/update-password- Update user password
GET /courses/all- Get all active coursesGET /courses/:courseId- Get single course detailsPOST /courses/- Create a new course (Admin only)PATCH /courses/:courseId- Update course (Admin only)PATCH /courses/:courseId/archive- Archive a course (Admin only)
POST /enrollments/enroll- Enroll in a courseGET /enrollments/my-enrollments- Get user's enrollments
Online-Course-Booking-API/
βββ controllers/ # Route controllers (business logic)
βββ models/ # Database models (schemas)
βββ routes/ # API routes
βββ auth.js # Authentication middleware
βββ index.js # Application entry point
βββ package.json # Project dependencies
βββ .gitignore # Git ignore rules
βββ README.md # Project documentation
- controllers/ - Contains controller functions that handle the business logic for each route
- models/ - Mongoose schemas and models for MongoDB collections
- routes/ - Express route definitions that map URLs to controller functions
- auth.js - Authentication and authorization middleware
POST /users/register
Content-Type: application/json
{
"firstName": "John",
"lastName": "Doe",
"email": "john@example.com",
"password": "securePassword123",
"mobileNo": "09123456789"
}POST /users/login
Content-Type: application/json
{
"email": "john@example.com",
"password": "securePassword123"
}
// Response includes JWT token
{
"access": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}GET /users/details
Authorization: Bearer <your_jwt_token>
// Returns user profile informationPOST /courses/
Authorization: Bearer <admin_token>
Content-Type: application/json
{
"name": "Advanced JavaScript",
"description": "Learn advanced JavaScript concepts and modern frameworks",
"price": 2999
}GET /courses/all
// Returns list of all active coursesPOST /enrollments/enroll
Authorization: Bearer <user_token>
Content-Type: application/json
{
"courseId": "60d5ec49f1b2c72b8c8e4a1b"
}GET /enrollments/my-enrollments
Authorization: Bearer <user_token>
// Returns all courses the user is enrolled indeyperfect
- GitHub: @deyperfect
For detailed API endpoint documentation and request/response examples, visit the Postman Documentation.