
- Set up project structure and FastAPI application
- Create database models for users, products, and inventory
- Configure SQLAlchemy and Alembic for database management
- Implement JWT authentication
- Create API endpoints for user, product, and inventory management
- Add admin-only routes and authorization middleware
- Add health check endpoint
- Update README with documentation
- Lint and fix code issues
159 lines
4.6 KiB
Markdown
# Ecommerce Authentication and Inventory API

A FastAPI backend that provides authentication, product management, and inventory tracking for an ecommerce application.

## Features

- User authentication with JWT tokens
- Role-based access control (admin, staff, customer)
- Product and category management
- Inventory tracking with transaction history
- Admin-only routes for sensitive operations
- SQLite database with SQLAlchemy ORM
- Database migrations with Alembic

## Project Structure

```
ecommerceauthenticationandinventoryapi/
├── app/
│   ├── api/
│   │   ├── endpoints/
│   │   │   ├── auth.py
│   │   │   ├── inventory.py
│   │   │   ├── products.py
│   │   │   └── users.py
│   │   ├── api.py
│   │   └── deps.py
│   ├── core/
│   │   ├── config.py
│   │   └── security.py
│   ├── crud/
│   │   ├── inventory.py
│   │   ├── product.py
│   │   └── user.py
│   ├── db/
│   │   ├── base.py
│   │   ├── deps.py
│   │   └── session.py
│   ├── models/
│   │   ├── inventory.py
│   │   ├── product.py
│   │   └── user.py
│   └── schemas/
│       ├── auth.py
│       ├── inventory.py
│       ├── product.py
│       ├── token.py
│       └── user.py
├── migrations/
│   └── versions/
│       └── 00001_initial_schema.py
├── alembic.ini
├── main.py
└── requirements.txt
```

## API Endpoints

### Authentication

- `POST /api/v1/auth/register` - Register a new user
- `POST /api/v1/auth/login` - Log in with username/password (OAuth2 form)
- `POST /api/v1/auth/login/json` - Log in with email/password (JSON)
- `GET /api/v1/auth/me` - Get current user details

### Users

- `GET /api/v1/users/` - Get all users (admin only)
- `POST /api/v1/users/` - Create a new user (admin only)
- `GET /api/v1/users/{user_id}` - Get user by ID
- `PUT /api/v1/users/{user_id}` - Update user
- `DELETE /api/v1/users/{user_id}` - Delete user (admin only)

### Products

- `GET /api/v1/products/` - Get all products
- `POST /api/v1/products/` - Create a new product (admin only)
- `GET /api/v1/products/{product_id}` - Get product by ID
- `PUT /api/v1/products/{product_id}` - Update product (admin only)
- `DELETE /api/v1/products/{product_id}` - Delete product (admin only)

### Categories

- `GET /api/v1/products/categories/` - Get all categories
- `POST /api/v1/products/categories/` - Create a new category (admin only)
- `GET /api/v1/products/categories/{category_id}` - Get category by ID
- `PUT /api/v1/products/categories/{category_id}` - Update category (admin only)
- `DELETE /api/v1/products/categories/{category_id}` - Delete category (admin only)

### Inventory

- `GET /api/v1/inventory/items/` - Get all inventory items
- `POST /api/v1/inventory/items/` - Create a new inventory item (admin only)
- `GET /api/v1/inventory/items/{item_id}` - Get inventory item by ID
- `PUT /api/v1/inventory/items/{item_id}` - Update inventory item (admin only)
- `DELETE /api/v1/inventory/items/{item_id}` - Delete inventory item (admin only)

### Inventory Transactions

- `GET /api/v1/inventory/transactions/` - Get all transactions (admin only)
- `POST /api/v1/inventory/transactions/` - Create a new transaction (admin only)
- `GET /api/v1/inventory/transactions/{transaction_id}` - Get transaction by ID (admin only)

## Getting Started

### Prerequisites

- Python 3.8+
- SQLite

### Installation

1. Clone the repository
2. Install dependencies:
   ```
   pip install -r requirements.txt
   ```
3. Set up environment variables (see below)
4. Run database migrations:
   ```
   alembic upgrade head
   ```
5. Start the server:
   ```
   uvicorn main:app --host 0.0.0.0 --port 8000 --reload
   ```

### Environment Variables

Create a `.env` file in the root directory with the following variables:

```
SECRET_KEY=your-secret-key-here
ACCESS_TOKEN_EXPIRE_MINUTES=30
BACKEND_CORS_ORIGINS=["*"] # For production, specify allowed origins
```

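A pre-deployment check for the three variables above, as an added example that is not part of this project's code. The function names, the 32-character key minimum, the 60-minute expiry ceiling and the `shop.example.com` origin are assumptions made for illustration.

```python
import json
import secrets

PLACEHOLDER_KEY = "your-secret-key-here"  # sample value from the README's .env

def parse_env(text):
    """Parse KEY=VALUE lines, dropping blank lines and '#' comments."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            env[key.strip()] = value.split(" #", 1)[0].strip()
    return env

def audit(env):
    """Return findings; an empty list means the settings pass these checks."""
    findings = []
    key = env.get("SECRET_KEY", "")
    if key == PLACEHOLDER_KEY:
        findings.append("SECRET_KEY is the README placeholder")
    elif len(key) < 32:  # assumed minimum length for an HMAC signing key
        findings.append("SECRET_KEY is shorter than 32 characters")
    try:
        minutes = int(env.get("ACCESS_TOKEN_EXPIRE_MINUTES", ""))
        if not 0 < minutes <= 60:  # assumed upper bound for access tokens
            findings.append("ACCESS_TOKEN_EXPIRE_MINUTES outside 1-60")
    except ValueError:
        findings.append("ACCESS_TOKEN_EXPIRE_MINUTES is not an integer")
    try:
        origins = json.loads(env.get("BACKEND_CORS_ORIGINS", "[]"))
    except json.JSONDecodeError:
        origins = None
    if not isinstance(origins, list):
        findings.append("BACKEND_CORS_ORIGINS is not a JSON list")
    elif "*" in origins:
        findings.append("BACKEND_CORS_ORIGINS allows any origin")
    return findings

# The README's sample .env, then a constructed production-style variant.
README_ENV = """SECRET_KEY=your-secret-key-here
ACCESS_TOKEN_EXPIRE_MINUTES=30
BACKEND_CORS_ORIGINS=["*"] # For production, specify allowed origins
"""
HARDENED_ENV = f"""SECRET_KEY={secrets.token_urlsafe(32)}
ACCESS_TOKEN_EXPIRE_MINUTES=30
BACKEND_CORS_ORIGINS=["https://shop.example.com"]
"""
```

`audit(parse_env(README_ENV))` reports the placeholder key and the wildcard origin; the hardened variant returns no findings.
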
## Documentation

API documentation is available at:

- Swagger UI: `/docs`
- ReDoc: `/redoc`
- OpenAPI JSON: `/openapi.json`

## Authentication

This API uses JWT tokens for authentication. To authenticate:

1. Register a user or log in with existing credentials
2. Use the returned access token in the Authorization header for subsequent requests:
   ```
   Authorization: Bearer <access_token>
   ```

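What a server has to check on that `Authorization` header, as an added standard-library example that is not this project's code. The JWT library and claim names the project uses are not shown on this page, so HS256, the `sub`/`exp` claims, the function names and the sample key are assumptions.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()

def issue(secret: bytes, subject: str, minutes: int, now: float) -> str:
    # Expiry is derived from ACCESS_TOKEN_EXPIRE_MINUTES at issue time.
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64url(json.dumps({"sub": subject, "exp": int(now) + minutes * 60}).encode())
    return f"{header}.{claims}.{b64url(sign(secret, f'{header}.{claims}'))}"

def verify(secret: bytes, authorization: str, now: float) -> dict:
    """Return the claims of a valid bearer token or raise ValueError."""
    scheme, _, token = authorization.partition(" ")
    if scheme.lower() != "bearer":
        raise ValueError("not a Bearer credential")
    try:
        header_b64, claims_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        sig = b64url_decode(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64 or bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")  # pin the algorithm; reject "none"
    if not hmac.compare_digest(sig, sign(secret, f"{header_b64}.{claims_b64}")):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(claims_b64))
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    return claims

def outcome(secret: bytes, authorization: str, now: float) -> str:
    try:
        verify(secret, authorization, now)
        return "ok"
    except ValueError as exc:
        return str(exc)

# Constructed sample values: a fixed demo key and clock, never a real secret.
SECRET = b"constructed-demo-key-0123456789ab"
NOW = 1_700_000_000
TOKEN = issue(SECRET, "alice@example.com", 30, NOW)
```
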
## User Roles

- **Admin**: Full access to all endpoints
- **Staff**: Access to view products and inventory
- **Customer**: Limited access to view products