A modern, production-ready full-stack e-commerce platform built with React, Node.js, Express, and MySQL.
- React 18 with Vite
- Tailwind CSS 3 for styling
- React Router v6 for routing
- Framer Motion for animations
- React Hot Toast for notifications
- React Icons for iconography
- Axios for HTTP requests
- Context API for state management
- Node.js with Express
- MySQL with mysql2 (prepared statements)
- JWT authentication with refresh tokens
- bcryptjs for password hashing
- Stripe payment integration
- Nodemailer for emails
- Helmet for security headers
- express-rate-limit for rate limiting
- express-validator for input validation
- Multer for file uploads
- User registration/login with JWT
- Google OAuth support
- Password reset via email
- Role-based access (User/Admin)
- Rate limiting, Helmet, XSS protection
- CRUD operations (Admin)
- Multiple product images with gallery
- Product variants (size, color)
- Categories & subcategories
- Inventory management with low-stock alerts
- Featured products & deals
- Discount/compare price system
- Advanced search with debouncing
- Category & price filtering
- Multiple sort options
- Product ratings & reviews
- Related products
- Image zoom effect
- Breadcrumb navigation
- Persistent cart (authenticated & guest)
- Quantity management
- Multi-step checkout (Shipping → Payment → Review)
- Coupon system
- Tax & shipping calculations
- Order tracking with timeline
- Email confirmation
- Order history for users
- Full order management for Admin
- Invoice generation
- Revenue analytics
- Order statistics
- User management
- Product management
- Low-stock alerts
- Monthly revenue charts
- Dark/Light mode toggle
- Mobile-first responsive design
- Skeleton loaders
- Smooth animations
- Empty states
- Toast notifications
- Modern minimalist design
ecw/
├── frontend/ # React + Vite + Tailwind CSS
│ ├── public/
│ │ ├── robots.txt
│ │ └── vite.svg
│ └── src/
│ ├── components/
│ │ ├── layout/ # Navbar, Footer
│ │ ├── ui/ # Breadcrumb, Skeleton
│ │ └── product/ # ProductCard
│ ├── pages/ # All page components
│ ├── context/ # Auth, Cart, Theme contexts
│ ├── services/ # Axios API service
│ ├── utils/ # Helper functions
│ └── styles/ # Global CSS with Tailwind
│
├── backend/ # Node.js + Express API
│ ├── config/ # DB & app config
│ ├── controllers/ # Route handlers
│ ├── middleware/ # Auth, validation, upload
│ ├── models/ # Database models
│ ├── routes/ # API routes
│ ├── utils/ # JWT, email, errors
│ ├── validators/ # Input validation
│ └── server.js # Entry point
│
├── database/
│ └── schema.sql # MySQL schema + seed data
│
├── .env.example
└── README.md
- Node.js v18+
- MySQL 8+
- npm or yarn
-
Clone the repository
git clone <repo-url> cd ecw
-
Backend Setup
cd backend npm installCreate a
.envfile in the backend directory (see.env.example):PORT=5000 DB_HOST=localhost DB_USER=root DB_PASSWORD=yourpassword DB_NAME=ecw_database JWT_SECRET=your-secret-key
-
Database Setup
- Create a MySQL database named
ecw_database - Import the schema:
mysql -u root -p ecw_database < database/schema.sql - Optional: add 100+ demo products with image galleries:
cd backend npm run seed:products
- Create a MySQL database named
-
Frontend Setup
cd frontend npm install -
Run the Application
Backend:
cd backend npm run devFrontend (in a new terminal):
cd frontend npm run devThe app will be available at
http://localhost:5173
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/auth/register |
Register new user |
| POST | /api/auth/login |
Login user |
| POST | /api/auth/refresh |
Refresh JWT token |
| POST | /api/auth/google |
Google OAuth login |
| POST | /api/auth/forgot-password |
Request password reset |
| POST | /api/auth/reset-password/:token |
Reset password |
| GET | /api/auth/profile |
Get user profile |
| PUT | /api/auth/profile |
Update profile |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/products |
List products (with filters) |
| GET | /api/products/featured |
Featured products |
| GET | /api/products/categories |
All categories |
| GET | /api/products/:slug |
Product detail |
| POST | /api/products |
Create product (Admin) |
| PUT | /api/products/:id |
Update product (Admin) |
| DELETE | /api/products/:id |
Delete product (Admin) |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/cart |
Get cart items |
| POST | /api/cart |
Add to cart |
| PUT | /api/cart/:id |
Update quantity |
| DELETE | /api/cart/:id |
Remove item |
| DELETE | /api/cart |
Clear cart |
| Method | Endpoint | Description |
|---|---|---|
| POST | /api/orders |
Create order |
| POST | /api/orders/create-payment-intent |
Stripe payment intent |
| GET | /api/orders |
User orders |
| GET | /api/orders/all |
All orders (Admin) |
| GET | /api/orders/:orderNumber |
Order detail |
| PUT | /api/orders/:id/status |
Update status (Admin) |
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/users/wishlist |
Get wishlist |
| POST | /api/users/wishlist |
Toggle wishlist |
| POST | /api/users/reviews |
Add review |
| GET | /api/users/addresses |
Get addresses |
| POST | /api/users/addresses |
Add address |
| PUT | /api/users/addresses/:id |
Update address |
| DELETE | /api/users/addresses/:id |
Delete address |
| GET | /api/users/banners |
Get banners |
| GET | /api/users/dashboard |
Admin stats |
category- Filter by category slugsearch- Search by name/descriptionminPrice,maxPrice- Price range filterrating- Minimum rating filtersort- Sort order (price_asc, price_desc, newest, popular, rating)page,limit- Paginationfeatured- Featured products only
- Push code to GitHub
- Import project in Vercel
- Set framework to Vite
- Set environment variables in Vercel dashboard
- Deploy
- Create a new Web Service in Render
- Connect GitHub repository
- Set root directory to
backend - Build command:
npm install - Start command:
npm start - Add environment variables in Render dashboard
- Create a PlanetScale account
- Create a new database
- Get connection string
- Import schema using PlanetScale CLI or dashboard
- Update backend environment variables
| Variable | Description |
|---|---|
| PORT | Server port (default: 5000) |
| DB_HOST | MySQL host |
| DB_USER | MySQL user |
| DB_PASSWORD | MySQL password |
| DB_NAME | Database name |
| JWT_SECRET | JWT signing secret |
| JWT_REFRESH_SECRET | Refresh token secret |
| GOOGLE_CLIENT_ID | Google OAuth client ID |
| STRIPE_SECRET_KEY | Stripe secret key |
| SMTP_HOST | Email SMTP host |
| SMTP_USER | Email user |
| FRONTEND_URL | Frontend URL for CORS |
- Password hashing with bcrypt (12 rounds)
- JWT with short expiration + refresh tokens
- SQL injection prevention (prepared statements)
- Input validation with express-validator
- Rate limiting on API routes
- Helmet security headers
- CORS configuration
- File upload validation
- Secure HTTP-only cookies (configurable)
- Lazy loading images
- Code splitting with Vite
- API pagination
- Debounced search
- Skeleton loaders
- Optimized bundle with manual chunks
- Image optimization ready
MIT