A RESTful backend API for an online fruit store, built with NestJS. The system supports user authentication, product management, and order processing with strict ownership and security guarantees.
- 🔐 JWT-based authentication & authorization
- 👤 User management with secure password hashing
- 🛍️ Product CRUD operations with pagination
- 📦 Order creation with enforced user ownership
- 🧠 Input validation using DTOs and `class-validator`
- ⚠️ Centralized error handling with global exception filters
- 📄 API documentation with Swagger (OpenAPI)
- 🧱 Modular architecture following NestJS best practices
- Backend Framework: NestJS (Node.js, TypeScript)
- Database: MongoDB (Mongoose)
- Authentication: JWT, Passport
- Validation: class-validator, class-transformer
- Documentation: Swagger (OpenAPI)
- Security: bcrypt password hashing
Once the server is running, access Swagger UI at:
http://localhost:3000/api
Swagger UI supports JWT authentication via Authorize → Bearer Token.
- Users can only access and modify their own data
- Backend ignores sensitive fields (e.g. `userId`) sent from the client
- Ownership is enforced using `req.user.userId` from JWT
- Protected routes secured using `JwtAuthGuard`
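
The ownership rules above, modeled without the framework as an added example (not this project's code): the service takes the owner from the authenticated principal, which stands in for `req.user` as populated behind `JwtAuthGuard`, and never reads `userId` from the request body. All type, class and function names are hypothetical, and answering another user's order id with "not found" is an assumption.

```typescript
// Added example, not the project's code. All names below are hypothetical.
interface AuthUser { userId: string }  // stands in for req.user set from a verified JWT
interface StoredOrder { id: number; userId: string; productId: string; quantity: number }

// Whitelist the body: only productId and quantity are ever read, so a
// client-sent userId (or any other extra key) cannot reach the stored record.
function toCreateOrderInput(body: Record<string, unknown>): { productId: string; quantity: number } {
  const productId = body["productId"];
  const quantity = body["quantity"];
  if (typeof productId !== "string" || productId === "") throw new Error("invalid productId");
  if (typeof quantity !== "number" || quantity < 1 || Math.floor(quantity) !== quantity) throw new Error("invalid quantity");
  return { productId: productId, quantity: quantity };
}

class OrderService {
  private orders: StoredOrder[] = [];
  private nextId = 1;

  create(user: AuthUser, body: Record<string, unknown>): StoredOrder {
    const input = toCreateOrderInput(body);
    // The owner always comes from the authenticated principal, never the body.
    const order: StoredOrder = { id: this.nextId++, userId: user.userId, productId: input.productId, quantity: input.quantity };
    this.orders.push(order);
    return order;
  }

  // The owner is part of the lookup, so another user's order is
  // indistinguishable from a missing one (assumed behaviour).
  findOne(user: AuthUser, id: number): StoredOrder {
    for (const o of this.orders) {
      if (o.id === id && o.userId === user.userId) return o;
    }
    throw new Error("Order not found");
  }
}

// Constructed scenario: Bob sends userId "alice-id" in the body of his own request.
function demo(): { spoofedOwner: string; bobReadsAlice: string; aliceReadsOwn: boolean } {
  const svc = new OrderService();
  const alice: AuthUser = { userId: "alice-id" };
  const bob: AuthUser = { userId: "bob-id" };
  const spoofed = svc.create(bob, { productId: "apple", quantity: 2, userId: "alice-id" });
  const aliceOrder = svc.create(alice, { productId: "mango", quantity: 1 });
  let bobReadsAlice = "allowed";
  try { svc.findOne(bob, aliceOrder.id); } catch (e) { bobReadsAlice = "denied"; }
  return { spoofedOwner: spoofed.userId, bobReadsAlice: bobReadsAlice, aliceReadsOwn: svc.findOne(alice, aliceOrder.id).id === aliceOrder.id };
}
```
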
```bash
npm install
npm run start:dev
```

- Test files (`*.spec.ts`) are included as part of NestJS scaffolding
- Manual API testing performed using Swagger and Postman