Welcome to the documentation for the Bookstore Application, submitted as part of my application for the Balkan ID internship. This document provides a comprehensive overview of the application, its features, and how to set it up and use it.
- frontend
Contains the frontend code for the BookStore web application. Built using React.js, the frontend is responsible for the user interface and client-side logic.
- backend
Contains the Golang backend code for the BookStore web application. Built using Node.js and Express.js, the backend is responsible for the server-side logic and database management.
git clone https://github.com/mohammadshaad/balkanid-bookstore.git
cd balkanid-bookstore
docker-compose up
- Project Overview
- Security Considerations
- APIs Used
- Getting Started
- Application Structure
- Configuration
- Features
- Testing
- Deployment
- Troubleshooting
- Conclusion
The Bookstore Application is a web-based platform that allows users to browse, purchase, and manage books. It offers user registration and authentication, book management, and shopping cart functionality.
- Go (Golang)
- Fiber (Web framework)
- PostgreSQL (Database)
- GORM (Object-Relational Mapping)
- JSON Web Tokens (JWT) for authentication
- React.js (Frontend)
- Securing Sensitive Information: I highly recommend using environment variables for safeguarding sensitive data like database credentials and JWT secrets. However, it's essential to ensure that my application gracefully handles cases where these variables are missing or contain incorrect values. I've also implemented error handling for
os.Getenv
calls to enhance robustness.
- Enhancing User Experience: I've adopted the validator library to validate input data, which is a commendable practice for maintaining data integrity. To enhance the user experience, I'm considering providing more specific error messages to clients, pinpointing which field failed validation. This will assist users in correcting their inputs more easily.
- Prioritizing Security: The security of user passwords is of paramount importance. I've implemented the correct practice of hashing passwords using bcrypt before storing them in the database, which is a robust security measure.
- Ensuring Secure Authentication: I've employed JWT-based user authentication, a widely accepted and secure approach. I take measures to keep my JWT secret confidential and consider token refresh mechanisms for longer user sessions.
- Well-implemented Database Operations: My database operations, such as creating, updating, and deleting records, are well-implemented and robust.
- User-Friendly Errors: I take pride in my error-handling approach within my application's handlers. I ensure that appropriate HTTP status codes and meaningful error messages are returned to clients. This practice significantly enhances the user experience and aids developers in efficiently debugging issues.
- Enhancing Security: I use middleware to check JWT validity and user roles, adding an extra layer of security and authorization to my application.
- Considering Alternatives: While I currently generate random user IDs, I'm open to exploring more reliable methods such as auto-incremented database IDs or UUIDs to ensure uniqueness and scalability.
- Improving Debugging and Monitoring: I'm considering implementing structured logging within my application. Structured logs are invaluable for debugging and monitoring, as they make it easier to trace and diagnose issues.
- Comprehensive Testing: I'm committed to thorough testing of my application, covering not only standard use cases but also error scenarios, edge cases, and security aspects. Automated testing plays a pivotal role in achieving this.
- Enhancing Code Clarity: While my code structure is sound, I acknowledge the value of adding comments or documentation to clarify the purpose of each function and route. This practice is especially valuable for the benefit of future developers who may work on my code.
- Customization to Your Needs: My JWT expiration is currently set to 24 hours. Depending on your specific use case, you may want to adjust this value to align with your application's requirements.
- Endpoint:
/register
- Method:
POST
- Description: Allows a user to register by providing their first name, last name, email, password, and role.
- Endpoint:
/login
- Method:
POST
- Description: Allows a user to log in by providing their email and password.
- Endpoint:
/user/profile/:id
- Method:
GET
- Description: Retrieves the user's profile information by their ID.
- Endpoint:
/user/profile/:id
- Method:
PUT
- Description: Allows the user to update their profile information.
- Endpoint:
/user/deactivate/:id
- Method:
PUT
- Description: Deactivates the user's account.
- Endpoint:
/user/activate/:id
- Method:
PUT
- Description: Activates the user's account.
- Endpoint:
/user/delete/:id
- Method:
DELETE
- Description: Deletes the user's account.
- Endpoint:
/user/logout
- Method:
POST
- Description: Logs the user out of their account.
- Endpoint:
/user/books
- Method:
GET
- Description: Retrieves a list of all available books.
- Endpoint:
/user/book/:id
- Method:
GET
- Description: Retrieves a specific book by its ID.
- Endpoint:
/user/cart
- Method:
POST
- Description: Adds a book to the user's cart.
- Endpoint:
/user/cart
- Method:
GET
- Description: Retrieves the user's cart.
- Endpoint:
/user/cart/:book_id
- Method:
DELETE
- Description: Removes a book from the user's cart by book ID.
- Endpoint:
/user/cart/:book_id
- Method:
PUT
- Description: Updates the quantity of a book in the user's cart.
- Endpoint:
/user/book/:book_id/reviews
- Method:
POST
- Description: Allows the user to add a review for a specific book.
- Endpoint:
/user/book/:book_id/reviews
- Method:
GET
- Description: Retrieves all reviews for a specific book.
- Endpoint:
/user/book/:id/download
- Method:
GET
- Description: Allows the user to download a specific book.
- Endpoint:
/user/role/:id
- Method:
GET
- Description: Retrieves the role of a specific user.
- Endpoint:
/admin
- Method:
GET
- Description: Welcome message for admin.
- Endpoint:
/admin/books
- Method:
GET
- Description: Retrieves a list of all available books from the admin perspective.
- Endpoint:
/admin/book/:id
- Method:
GET
- Description: Retrieves a specific book by its ID from the admin perspective.
- Endpoint:
/admin/book
- Method:
POST
- Description: Allows an admin to create a new book.
- Endpoint:
/admin/book/:id
- Method:
PUT
- Description: Allows an admin to update the details of a book.
- Endpoint:
/admin/book/:id
- Method:
DELETE
- Description: Allows an admin to delete a book by its ID.
- Endpoint:
/admin/users
- Method:
GET
- Description: Retrieves a list of all registered users from the admin perspective.
- Endpoint:
/admin/user/:id
- Method:
GET
- Description: Retrieves a specific user's information by their ID from the admin perspective.
- Endpoint:
/admin/book/:book_id/reviews
- Method:
GET
- Description: Retrieves all reviews for a specific book from the admin perspective.
- Endpoint:
/admin/cart
- Method:
GET
- Description: Retrieves all cart items for all users from the admin perspective.
- Endpoint:
/admin/cart/:user_id
- Method:
GET
- Description: Retrieves a specific user's cart items by their user ID from the admin perspective.
- Endpoint:
/admin/cart/:user_id/:book_id
- Method:
DELETE
- Description: Allows an admin to delete a cart item for a specific user by user ID and book ID.
- Endpoint:
/admin/logout
- Method:
POST
- Description: Logs the admin out.
- Endpoint:
/admin/role/:id
- Method:
GET
- Description: Retrieves the role of a specific user from the admin perspective.
To run and test the application, please follow these steps:
Before you begin, ensure you have the following installed:
- Go programming language
- PostgreSQL database
- Required Go packages (dependencies managed via Go modules)
- Clone the repository:
git clone https://github.com/mohammadshaad/golang-book-store-backend.git
- Navigate to the project directory:
cd bookstore
- Create a
.env
file and configure the necessary environment variables (see Configuration section). - Run database migrations:
go run main.go migrate
- Start the application:
go run main.go
The project is organized as follows:
my-golang-book-store/
│
├── database/
│ ├── database.go
│ └── models.go
│
├── middleware/
│ ├── middleware.go
│
├── routes/
│ ├── routes.go
│ └── handlers.go
│
├── main.go
├── go.mod
├── go.sum
├── README.md
├── .env.example
└── main_test.go
The application reads configuration settings from environment variables. Here are the key variables to configure:
DB_HOST
: PostgreSQL database host address.DB_PORT
: PostgreSQL database port.DB_NAME
: PostgreSQL database name.DB_USER
: PostgreSQL database username.DB_PASSWORD
: PostgreSQL database password.JWT_SECRET
: Secret key for JWT token generation.
Example .env
file:
DB_HOST=database
DB_PORT=5432
DB_NAME=book-store
DB_USER=postgres
DB_PASSWORD=<your_database_password>
JWT_SECRET=secret
- User Registration: Users can create new accounts by providing their email and password.
- User Login: Registered users can log in to access their account.
- Book Listing: Users can view a list of available books.
- Book Details: Users can view detailed information about a specific book.
- Book Search: Users can search for books by title or author.
- Book Addition: Admin users can add new books to the catalog.
- Book Modification: Admin users can update book details.
- Book Deletion: Admin users can remove books from the catalog.
- Cart Management: Users can add books to their shopping cart, view the cart, remove items, and update quantities.
- Checkout: Users can proceed to checkout, where they can review their order and complete the purchase.
- Admin Access: Certain routes and features are accessible only to admin users.
- User Management: Admin users can manage user accounts, including user activation, deactivation, and deletion.
- Book Management: Admin users can manage the catalog of books, including adding, modifying, and deleting entries.
To run tests, use the following command:
go test ./...
For production deployment, follow these steps:
- Set up a production-ready PostgreSQL database.
- Configure the environment variables for the production environment.
- Build the application:
go build -o bookstore-app main.go
- Deploy the binary to your production server.
- Set up a reverse proxy (e.g., Nginx) to serve the application.
If you encounter any issues or have questions, please contact Mohammad Shaad at [email protected].
- User Authentication: A robust authentication system allows users to register and securely log in.
- User Profiles: Each user has a personalized profile for managing personal information.
- Shopping Cart: Users can add, view, and manage books in their shopping cart.
- Admin Dashboard: Administrators have access to a dedicated dashboard for book management.
- Role-Based Access Control: The application incorporates role-based access control, differentiating between users and administrators.
- Responsive Design: The user interface is responsive, ensuring a seamless experience on both desktop and mobile devices.
To get started, follow these steps:
-
Clone the repository:
git clone https://github.com/your-username/bookstore-web-app.git
-
Navigate to the project directory:
cd <folder_name>
-
Install the necessary dependencies:
npm install
-
Start the development server:
npm run dev
-
Open your web browser and visit http://localhost:5173 to access the BookStore web application also start the backend server:
go run main.go
which will run on http://localhost:8080
-
Register or log in to your account.
-
Explore the application, add books to your cart, and manage your profile.
-
If you have administrator privileges, you can access the admin dashboard to manage books.
Thank you for considering my application. I hope you find this Bookstore Application and its documentation useful. Please feel free to reach out if you have any further questions or require additional information.
Sincerely,
Mohammad Shaad