This project is a robust, secure e-commerce backend built using Java, Spring Boot, Spring Data JPA, and MySQL. It provides comprehensive APIs for user management, product catalog control, inventory management, shopping cart functionality, and order processing, complete with role-based access control (RBAC).
Features
User Authentication & Authorization: Secure user registration, login, and role management using Spring Security (ROLE_CUSTOMER, ROLE_ADMIN).
Product Management: Full CRUD operations for products, including inventory tracking (stockQuantity).
Shopping Cart: Add, update, view, and clear cart items for authenticated users.
Order Processing: A comprehensive checkout flow that validates addresses, calculates shipping costs, processes the order, updates inventory, and clears the cart.
Order Management: Admin APIs for viewing history, updating order statuses, and cancelling orders (soft delete).
Database: Persistent data storage using MySQL.
Technology Stack
Language: Java 17+
Framework: Spring Boot 3.x
Database: MySQL
Build Tool: Gradle
ORM: Hibernate / Spring Data JPA
Security: Spring Security
Setup and Installation
Prerequisites
Java JDK 17+
MySQL Server instance running (default port 3306)
A MySQL database created (e.g., store_db)
Configuration
Update the src/main/resources/application.properties file with your MySQL database credentials:

```properties
spring.datasource.url=jdbc:mysql://localhost:3306/your_database_name
spring.datasource.username=your_mysql_user
spring.datasource.password=your_mysql_password
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.jpa.hibernate.ddl-auto=update
spring.jpa.show-sql=true
spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect
spring.jpa.defer-datasource-initialization=true
```

These values suit local development: ddl-auto=update lets Hibernate alter the schema at startup and show-sql=true logs every SQL statement, so review both, and keep the real database password out of version control, before deploying elsewhere.
Running the Application
Sync Gradle: Load the dependencies in your IDE.
Run: Execute the main application class (the class with @SpringBootApplication) or use the Gradle command:
```bash
./gradlew bootRun
```
The application will start on http://localhost:8080.
API Endpoints (Postman/Testing)
The application uses role-based access control. Public endpoints require no authentication. Protected endpoints require HTTP Basic Auth headers.
Public Endpoints

| Method | Path | Description |
|--------|------|-------------|
| POST | /api/users/register | Register a new user |
| GET | /api/products | View all products |
| GET | /api/products/{id} | View single product |
| GET | /api/orders/shipping-methods | View available shipping methods |

Authenticated User Endpoints (ROLE_CUSTOMER / ROLE_ADMIN)

| Method | Path | Description |
|--------|------|-------------|
| POST | /api/auth/login | Login and establish session |
| GET | /api/cart/{userId} | View user's cart |
| POST | /api/cart/add/{userId}/{productId}?quantity=X | Add item to cart |
| POST | /api/orders/checkout/{userId}/{shippingMethodId} | Finalize order/checkout |
| GET | /api/orders/history/{userId} | View user order history |

Administrator Endpoints (ROLE_ADMIN Only)

| Method | Path | Description |
|--------|------|-------------|
| POST | /api/products/admin | Create new product |
| PUT | /api/products/admin/{productId} | Update product details |
| DELETE | /api/products/admin/{productId} | Delete product |
| GET | /api/users/admin/all | View all users |
| PUT | /api/orders/admin/status/{orderId}?newStatusString=X | Update order status |
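One way to express the three endpoint groups above as Spring Security 6 rules, shown as an added example and not the project's own configuration. It also checks that the {userId} in a path belongs to the caller, which this README does not describe; ExampleSecurityConfig and UserIdLookup are hypothetical names, and letting admins through on {userId} paths is an assumption.

```java
// Added example, not the project's own configuration. ExampleSecurityConfig and
// UserIdLookup are hypothetical names; admin access to {userId} paths is assumed.
import java.util.Optional;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authorization.AuthorizationDecision;
import org.springframework.security.authorization.AuthorizationManager;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.access.intercept.RequestAuthorizationContext;

@Configuration
public class ExampleSecurityConfig {
    // Hypothetical lookup: maps the Basic Auth username (email) to the user's id.
    public interface UserIdLookup { Optional<Long> idForEmail(String email); }

    @Bean
    SecurityFilterChain apiRules(HttpSecurity http, UserIdLookup users) throws Exception {
        AuthorizationManager<RequestAuthorizationContext> ownerOrAdmin = (auth, ctx) -> {
            Authentication a = auth.get();
            if (!a.isAuthenticated() || a instanceof AnonymousAuthenticationToken) {
                return new AuthorizationDecision(false); // anonymous callers never own a cart
            }
            boolean admin = a.getAuthorities().stream()
                    .anyMatch(g -> "ROLE_ADMIN".equals(g.getAuthority()));
            String pathId = ctx.getVariables().get("userId");
            boolean owner = pathId != null && users.idForEmail(a.getName())
                    .map(String::valueOf).filter(pathId::equals).isPresent();
            return new AuthorizationDecision(admin || owner);
        };
        // CSRF protection stays at Spring Security's default (enabled).
        return http
            .httpBasic(Customizer.withDefaults())
            .authorizeHttpRequests(r -> r
                // Admin rules first, so /api/products/admin/... never reaches a public rule.
                .requestMatchers("/api/products/admin/**", "/api/users/admin/**",
                                 "/api/orders/admin/**").hasRole("ADMIN")
                .requestMatchers(HttpMethod.POST, "/api/users/register").permitAll()
                .requestMatchers(HttpMethod.GET, "/api/products", "/api/products/*",
                                 "/api/orders/shipping-methods").permitAll()
                // Paths carrying {userId}: the caller must be that user (or an admin).
                .requestMatchers("/api/cart/{userId}", "/api/cart/add/{userId}/{productId}",
                                 "/api/orders/checkout/{userId}/{shippingMethodId}",
                                 "/api/orders/history/{userId}").access(ownerOrAdmin)
                .anyRequest().authenticated())
            .build();
    }
}
```

A quick check of the ownership rule is to request /api/cart/{userId} with another user's id while authenticated as a customer; the expected response is 403.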
Testing Credentials
To test the system, register users via the API first:
Customer User:
Email: customer@store.com
Password: CustomerPass123!
Role: ROLE_CUSTOMER
Admin User:
Email: admin@store.com
Password: AdminPass123!
Role: ROLE_ADMIN