Skip to content
/ BookStacker Public

a restful api using node.js, express, and mongodb for user authentication, book listing, and review management.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sunnysagar/BookStacker

BranchesTags

Repository files navigation

Book Stacker - Book Review System

A RESTful API built using Node.js, Express.js, and MongoDB, allowing users to manage books and post reviews. Authenticated users can add books, post reviews, and manage their own content. This project demonstrates secure backend development, clean modular code, and well-designed API architecture.

🚀 Features

  • User Signup & Login (JWT-based authentication)
  • Add and View Books with pagination, filtering, and search
  • Post one review per book per user
  • Update or delete your own reviews
  • Search books by title or author (partial & case-insensitive)
  • Modular project structure for scalability

🧰 Tech Stack

  • Backend: Node.js, Express.js
  • Database: MongoDB (Mongoose)
  • Authentication: JWT (JSON Web Tokens)
  • Environment Config: dotenv
  • Pagination & Filtering: Built-in query options

Project Structure

  bookstacker/
│
├── controllers/       # Route controllers (logic)
├── services/          # Business logic
├── models/            # Mongoose schemas
├── routes/            # Route definitions
├── middleware/        # JWT auth, error handlers
├── config/            # DB and env config
├── .env               # Secret keys & config
├── server.js          # App entry point
└── README.md

🛠️ Setup Instructions

  1. Clone the repo 
    git clone https://github.com/sunnysagar/BookStacker.git
cd BookStacker
  2. Install dependencies 
    npm install
  3. Create a .env file 
    PORT=5000
MONGO_URI=your_mongodb_uri
JWT_SECRET=your_jwt_secret_key
  4. Start Server 
    node server.js

Your API will be running at

http://localhost:5000

🔑 API Endpoints

POST /api/auth/signup

POST /api/auth/login

POST /api/books (auth)

GET /api/books

GET /api/books/:id

POST /api/books/:id/reviews (auth)

PUT /api/reviews/:id (auth)

DELETE /api/reviews/:id (auth)

GET /api/books/search?q=title

🔐 Authentication Endpoints

  1. Signup – Register 
    POST /auth/signup
Content-Type: application/json
{
"name": "Sunny",
"email": "[email protected]",
"password": "securepassword"
}
  2. Login and Get JWT 
    POST /auth/login
{
"email": "[email protected]",
"password": "securepassword"
}

📚 Book Endpoints

  1. POST /books – Add Book (Auth Required) 
    POST /books
Authorization: Bearer <JWT>
{
"title": "Clean Code",
"author": "Robert C. Martin",
"genre": "Programming"
}
  2. GET /books – List Books (pagination, filter) 
    GET /books?page=1&limit=10&author=Robert&genre=Programming
  3. GET /books/:id – Book Details with Avg Rating + Reviews 
    GET /books/abc123

✍️ Review Endpoints

  1. POST /books/:id/reviews (One review per user per book) 
    POST /books/abc123/reviews
Authorization: Bearer <JWT>
{
"rating": 4,
"comment": "Great book!"
}
  2. PUT /reviews/:id – Update Own Review 
    PUT /reviews/xyz456
Authorization: Bearer <JWT>
{
"rating": 5,
"comment": "Actually, it was amazing!"
}
  3. DELETE /reviews/:id – Delete Own Review 
    DELETE /reviews/xyz456
Authorization: Bearer <JWT>

🔍 /search – Search Books by Title or Author

GET /search?q=clean

🗂️ MongoDB Schema (Simple Overview)

  1. User
{
  name: String,
  email: { type: String, unique: true },
  password: String
}
  1. Book
{
  title: String,
  author: String,
  genre: String,
  reviews: [ObjectId], // References to Review
}
  1. Review
{
  user: ObjectId,
  book: ObjectId,
  rating: Number,
  comment: String
}

🗂️ Database Schema Design

📌 Key Entities:

  • User: Stores user credentials and basic details.
  • Book: Contains book information like title, author, and genre.
  • Review: Connects a user and a book through a one-to-one relationship per book, with a rating and comment.

🔐 User

Field Type Description
_id ObjectId Primary key
name String User’s full name
email String Unique email
password String Hashed password

📚 Book

Field Type Description
_id ObjectId Primary key
title String Title of the book
author String Author's name
genre String Book genre

📝 Review

Field Type Description
_id ObjectId Primary key
user ObjectId Reference to the User (_id)
book ObjectId Reference to the Book (_id)
rating Number Rating (e.g., 1 to 5)
comment String Review comment

🧩 ER Diagram

The following diagram represents the core entities and their relationships in the Book Review API system.

📎 ER Diagram Link:
📄 View ER Diagram on Google Drive

🧩 Relationships

  • A User can write many Reviews, but only one review per Book.
  • A Book can have many Reviews.
  • Each Review belongs to one User and one Book.

⚙️ Design Decisions & Assumptions

Design Decisions

  • Modular Structure: Separated controllers (handle requests) and services (handle logic) for cleaner code.
  • JWT Authentication: Protected routes require JWT in the Authorization header.
  • One Review per Book per User: Enforced to maintain review uniqueness.
  • Pagination: Default limit = 10 in book and review listings.
  • Search: Case-insensitive partial match for title and author using regex.
  • Protected Routes: Only logged-in users can add books or reviews.

🤔 Assumptions

  • All users are treated equally (no roles like admin).
  • Users can update or delete only their own reviews.
  • Basic validation is handled via Mongoose.
  • No advanced features like likes, replies, or media for now.

🧑‍💻 Author

Sunny Sagar

About

a restful api using node.js, express, and mongodb for user authentication, book listing, and review management.

Topics

jwt-auth restful-api-design modular-structure mongodb-with-mongoose

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages