Project Name: # 🚗 Vehicle Rental System
Live Project Link: vehicle-rental-system
A backend API for a vehicle rental management system that handles:
- Vehicles - Manage vehicle inventory with availability tracking
- Customers - Manage customer accounts and profiles
- Bookings - Handle vehicle rentals, returns and cost calculation
- Authentication - Secure role-based access control (Admin and Customer roles)
Technology Stack:
- Node.js + TypeScript
- Express.js (web framework)
- PostgreSQL (database)
- bcrypt (password hashing)
- jsonwebtoken (JWT authentication)
IMPORTANT: followed modular pattern with clear separation of concerns. Organized the code into feature-based modules (e.g., auth, users, vehicles, bookings) with proper layering (routes, controllers, services).
| Field | Notes |
|---|---|
| id | Auto-generated |
| name | Required |
| Required, unique, lowercase | |
| password | Required, min 6 characters |
| phone | Required |
| role | 'admin' or 'customer' |
| Field | Notes |
|---|---|
| id | Auto-generated |
| vehicle_name | Required |
| type | 'car', 'bike', 'van' or 'SUV' |
| registration_number | Required, unique |
| daily_rent_price | Required, positive |
| availability_status | 'available' or 'booked' |
| Field | Notes |
|---|---|
| id | Auto-generated |
| customer_id | Links to Users table |
| vehicle_id | Links to Vehicles table |
| rent_start_date | Required |
| rent_end_date | Required, must be after start date |
| total_price | Required, positive |
| status | 'active', 'cancelled' or 'returned' |
- Admin - Full system access to manage vehicles, users and all bookings
- Customer - Can register, view vehicles, create/manage own bookings
- Passwords are hashed using bcrypt before storage into the database
- User login via
/api/v1/auth/signinand receives a JWT (JSON Web Token) - Protected endpoints require token in header:
Authorization: Bearer <token> - Validates the token and checks user permissions
- Access granted if authorized, otherwise returns 401 (Unauthorized) or 403 (Forbidden)
⚠️ IMPORTANT: All API endpoint implementations exactly match the specifications defined in API Reference. This includes:
- Exact URL patterns (e.g.,
/api/v1/vehicles/:vehicleId)- Request body structure and field names
- Response format and data structure
| Method | Endpoint | Access | Description |
|---|---|---|---|
| POST | /api/v1/auth/signup |
Public | Register new user account |
| POST | /api/v1/auth/signin |
Public | Login and receive JWT token |
| Method | Endpoint | Access | Description |
|---|---|---|---|
| POST | /api/v1/vehicles |
Admin only | Add new vehicle with name, type, registration, daily rent price and availability status |
| GET | /api/v1/vehicles |
Public | View all vehicles in the system |
| GET | /api/v1/vehicles/:vehicleId |
Public | View specific vehicle details |
| PUT | /api/v1/vehicles/:vehicleId |
Admin only | Update vehicle details, daily rent price or availability status |
| DELETE | /api/v1/vehicles/:vehicleId |
Admin only | Delete vehicle (only if no active bookings exist) |
| Method | Endpoint | Access | Description |
|---|---|---|---|
| GET | /api/v1/users |
Admin only | View all users in the system |
| PUT | /api/v1/users/:userId |
Admin or Own | Admin: Update any user's role or details; Customer: Update own profile only |
| DELETE | /api/v1/users/:userId |
Admin only | Delete user (only if no active bookings exist) |
| Method | Endpoint | Access | Description |
|---|---|---|---|
| POST | /api/v1/bookings |
Customer or Admin | Create booking with start/end dates; validates availability; calculates total price; updates vehicle status to "booked" |
| GET | /api/v1/bookings |
Role-based | Admin: View all bookings; Customer: View own bookings only |
| PUT | /api/v1/bookings/:bookingId |
Role-based | Customer: Cancel booking (before start date only); Admin: Mark as "returned"; System: Auto-return after end date |