# E-commerce API Backend

API backend for the Rocks, Bones & Sticks e-commerce platform.

## Setup

```bash
# Install dependencies
npm install

# Run for development
npm run dev

# Run for production
npm start
```

## API Endpoints

### Authentication

- `POST /api/auth/register` - Register a new user
- `POST /api/auth/login-request` - Request a login code
- `POST /api/auth/verify` - Verify login code and generate API key
- `POST /api/auth/verify-key` - Verify an existing API key
- `POST /api/auth/logout` - Logout current user and invalidate API key

For protected routes, include the API key in the request header:
```
X-API-Key: your-api-key-here
```

### Products

- `GET /api/products` - Get all products
- `GET /api/products/:id` - Get single product
- `GET /api/products/categories/all` - Get all categories
- `GET /api/products/tags/all` - Get all tags
- `GET /api/products/category/:categoryName` - Get products by category


### Product Admin (Admin Protected)

These routes require an API key with admin privileges.

- `POST /api/admin/products` - Create a new product with multiple images
- `PUT /api/admin/products/:id` - Update a product
- `DELETE /api/admin/products/:id` - Delete a product


### Cart (Protected)

- `GET /api/cart/:userId` - Get users cart
- `POST /api/cart/add` - Add item to cart
- `PUT /api/cart/update` - Update cart item quantity
- `DELETE /api/cart/clear/:userId` - Clear cart
- `POST /api/cart/checkout` - Checkout (create order from cart)

## Admin Access

By default, the user with email `john@example.com` is set as an admin for testing purposes. The admin status allows access to protected admin routes.

## Environment Variables

Create a `.env` file with the following variables:

```
# Server configuration
PORT=4000
NODE_ENV=development
ENVIRONMENT=beta  # Use 'beta' for development, 'prod' for production

# Database connection
DB_HOST=db
DB_USER=postgres
DB_PASSWORD=PLEASECHANGETOSECUREPASSWORD
DB_NAME=ecommerce
DB_PORT=5432

# Email configuration (Postmark)
EMAIL_HOST=smtp.postmarkapp.com
EMAIL_PORT=587
EMAIL_USER=your_postmark_api_token
EMAIL_PASS=your_postmark_api_token
```

### Environment-specific Behavior

Based on the `ENVIRONMENT` variable, the application will use different domain configurations:

- `beta`: Uses `localhost:3000` for the frontend and `http` protocol
- `prod`: Uses `rocks.2many.ca` for the frontend and `https` protocol