TazaDeal is a price-tracking e-commerce platform where local vendors can submit daily price updates for market items, and users can track price trends, maintain watchlists, and securely purchase products. This is the backend server built using Node.js, Express, and MongoDB (native driver).
✅ Live Server: https://taza-deal.vercel.app
- Backend: Node.js, Express.js
- Database: MongoDB (Native Driver)
- Authentication: Firebase, JWT (custom auth logic)
- Payments: Stripe Integration
- Security: HTTP-only JWT , role-based access
- Deployment: Vercel
├── routes/ │ ├── auth.routes.js │ ├── users.js │ ├── admin.js │ ├── vendors.js │ └── public.js ├── middlewares/ │ └── verifyJWT.js ├── index.js ├── .env └── package.json
MONGO_URI=your_mongo_connection_string PAYMENT_GATEWAY_KEY=your_stripe_secret_key JWT_SECRET_KEY=your_secret_key
- Firebase Auth + Custom JWT handling
- User roles:
admin,vendor,user - Secure product posting & approval system
- Price trend charts with historical pricing
- Stripe integration for secure checkout
- User watchlists for price alerts
- Modular and scalable Express structure
- MongoDB indexes for performance boost
The server initializes with strategic indexes for faster lookups:
users: { email }
orders: { buyerEmail, productId }
products: { vendorEmail, status }
ads: { vendorEmail }
reviews: { userEmail, productId }
watchlists: { userEmail, productId }
Indexes are created automatically during server startup via createIndex() in index.js.Method Endpoint Description Auth
// Public APIS
GET /public/products?limit=6 -> get latest products
GET /public/products -> All public products with filter/sort/pagination
GET /public/ads -> Fetch latest 5 approved ads
GET /users/product/:id -> Get single product
// User Related APIS
GET /users/:email -> Get user profile info securely
GET /users/product/:id/compare?date=YYYY-MM-DD -> Get price comparison data
GET /users/tracked-products -> Get watchlisted products with at least 1 price entry
GET /users/review-eligibility -> Review eligibility check
GET /users/my-orders -> Get all orders of the user
POST /users/order -> Save completed order
GET /public/products -> All public products with filter/sort/pagination
POST /users/create-payment-intent -> Create payment intent
DELETE /users/watchlist/:id -> Delete watchlist item
GET /users/watchlist -> Get all watchlist for a user
POST /users/watchlist -> Add to watchlist
PATCH /users/be-vendor/:email -> Vendor request patch
// Vendor Related APIS
POST /vendor/add-product -> Add new product
PATCH /vendor/update-product/:id -> update product
GET /vendor/product/:id -> GET single product
DELETE /vendor/delete-product/:id -> Delete product and check vendor or admin
GET /vendor/my-products -> Get all products
POST /vendor/ads — Create new advertisement
UPDATE vendor/update-ad/:id -> Update ads
GET /vendor/ads -> get all ads
UPDATE vendor/update-ad/:id -> Update ads
POST /vendor/ads — Create new advertisement
GET /vendor/my-products -> Get all products
DELETE /vendor/delete-product/:id -> Delete product and check vendor or admin
GET /vendor/product/:id -> GET single product
PATCH /vendor/update-product/:id -> update product
POST /vendor/add-product -> Add new product
// Admin Related APIS
GET /admin/ -> Get All user
PATCH /admin/update-user/:email -> Update User
GET /admin/products -> Get all product with pagination
PATCH /admin/update-product-status/:id update product status (approve, reject -> with reason and feedback)
DELETE /admin/delete-product/:id -> delete product
GET /admin/ads -> All Advertisements with pagination
PATCH /admin/ads/:id -> Update ad status (approve or reject with reason and feedback)
DELETE /admin/ads/:id -> Remove advertisement
GET /admin/all-orders -> Admin sees all orders- Platform: Vercel
- Build Command: Not needed (Node.js API)
- MongoDB Atlas: External cluster
- Environment Variables: Configured in Vercel dashboard
- JWT verification via custom verifyJWT middleware
- Firebase token decoded on the server
- Role-based logic for admin and vendor control
- HTTP-only tokens prevent XSS attacks
-- No ORM: This project uses MongoDB's native driver instead of Mongoose. -- No password stored: Auth is handled by Firebase, and the server generates its own JWT using verified emails. -- Data validation: Basic checks are implemented in routes; schema validation via Zod or Joi can be added in future.
- Add advanced filtering for products by date or market
- Admin analytics dashboard (revenue, order volume)
- Automated email notifications via Nodemailer
- WebSocket for real-time price alerts
- Advanced caching (Redis)
Made with ❤️ by Monisha Rema
📧 Email: monisharema97@gmail.com
🌐 Portfolio: https://portfolio-monisha.surge.sh
🐙 GitHub: https://github.com/monishaRema