A full-stack web application for managing products with user authentication, authorization, and admin dashboard functionality. Built with modern web technologies for a scalable and maintainable codebase.
Webiators is a comprehensive Product Management System featuring a React-based frontend and a robust Node.js backend API. It enables users to browse products, manage inventory with rich descriptions and image galleries, and provides admin controls for product lifecycle management.
- Framework: React 18
- Build Tool: Vite
- UI Library: Material-UI (MUI)
- Styling: Emotion CSS-in-JS
- State Management: Context API
- HTTP Client: Axios
- Rich Text Editor: React Quill
- Carousel: Swiper
- Notifications: React Toastify
- Testing: Vitest with React Testing Library
- Router: React Router 7
- Runtime: Node.js (ES Modules)
- Framework: Express.js 5
- Database: MongoDB with Mongoose ODM
- Authentication: JWT (JSON Web Tokens)
- Password Hashing: bcryptjs
- Input Validation: Joi
- Security: Helmet.js, HPP, CORS, Rate Limiting
- Testing: Vitest with Supertest
- Development: Nodemon, Morgan
- User registration and login authentication
- Product detail view with image gallery
- Rich product descriptions with HTML content support
- Protected user routes
- Admin dashboard
- Product CRUD operations (Create, Read, Update, Delete)
- Bulk product upload support
- Image gallery management
- User management
- JWT-based authentication and authorization
- Password encryption with bcryptjs
- Input validation and sanitization
- Rate limiting to prevent abuse
- CORS protection
- Security headers with Helmet.js
- Parameter pollution prevention (HPP)
webiators/
├── client/ # React Frontend
│ ├── src/
│ │ ├── Components/ # Reusable React components
│ │ │ ├── layout/ # Header and Sidebar components
│ │ │ ├── products/ # Product-related components
│ │ │ └── AllRoutes.jsx, PrivateRoute.jsx
│ │ ├── Pages/ # Page components
│ │ ├── Context/ # React Context (Auth, Product, GlobalInfo)
│ │ ├── Utils/ # API utilities
│ │ ├── theme/ # Theme configuration
│ │ ├── tests/ # Test files
│ │ ├── App.jsx # Main App component
│ │ └── main.jsx # Entry point
│ ├── package.json
│ └── vite.config.js
│
└── server/ # Node.js/Express Backend
├── Controller/ # Route controllers
├── Model/ # Mongoose models (Users, Products)
├── Routes/ # API routes
├── Middleware/ # Custom middleware
├── Utils/ # Utility functions (JWT, Rate Limiter)
├── tests/ # Test files
├── app.js # Express app setup
├── server.js # Server entry point
├── config.env # Environment configuration
├── package.json
└── vitest.config.js
- Node.js >= 18.x
- MongoDB (local or MongoDB Atlas)
- npm or yarn
-
Navigate to server directory
cd server -
Install dependencies
npm install
-
Configure environment variables
Create a
config.envfile in the server directory:# Database DATABASE_URI=mongodb+srv://username:password@cluster.mongodb.net/webiators # JWT JWT_SECRET=your_jwt_secret_key_here JWT_EXPIRE=7d # Server PORT=5000 NODE_ENV=development # Security RATE_LIMIT_WINDOW_MS=15000 RATE_LIMIT_MAX_REQUESTS=10
-
Start the server
npm start # With auto-reload (nodemon) npm run dev # Alternative dev command
Server runs on
http://127.0.0.1:5000|https://webiators-pms.onrender.com
-
Navigate to client directory
cd client -
Install dependencies
npm install
-
Start development server
npm run dev
Frontend runs on
http://localhost:5173|https://webiators-pms.vercel.app
npm run dev # Start development server
npm run build # Build for production
npm run preview # Preview production build
npm run lint # Run ESLint
npm test # Run tests once
npm run test:watch # Run tests in watch mode
npm run test:ui # Run tests with UI
npm run test:coverage # Generate coverage reportnpm start # Start with nodemon
npm run dev # Run dev server
npm test # Run tests once
npm run test:watch # Run tests in watch mode
npm run test:coverage # Generate coverage reportThe application uses JWT-based authentication:
- Register: Users create an account with email and password
- Login: Users authenticate and receive a JWT token
- Token Storage: Token is stored in cookies/localStorage
- Protected Routes: Private routes check token validity
- Admin Access: Admin role grants access to admin dashboard
Authorization: Bearer <jwt_token>
_id- MongoDB ObjectIdname- User full nameemail- Unique email addresspassword- Hashed passwordcreatedAt- Account creation dateupdatedAt- Last update date
_id- MongoDB ObjectIdmetaTitle- metaTitleproductName- Product namedescription- Rich HTML descriptionprice- Product priceslug- Product slugdiscountedPrice- Product discountedPricegalleryImages- Array of galleryImages URLsisActive- Boolean
cd client
npm test # Run all tests
npm run test:watch # Watch mode
npm run test:ui # Interactive UI
npm run test:coverage # Coverage reportTest Files:
AuthContext.test.js- Authentication contextProductContext.test.js- Product contextLogin.test.js- Login pageDashboard.test.js- Admin dashboardProductForm.test.js- Product formIntegration.test.js- Integration tests
cd server
npm test # Run all tests
npm run test:watch # Watch mode
npm run test:coverage # Coverage reportTest Files:
auth.test.js- Authentication endpointsproduct.test.js- Product CRUD endpointsvalidation.test.js- Input validationsetup.js- Test configuration
https://webiators-pms.onrender.com/api/v1
POST /user/register- Register new userPOST /user/login- Login user
GET /products- Get all products(authenticated)GET /products/:id- Get product details(authenticated)POST /products- Create product (authenticated)PUT /products/:id- Update product(authenticated)DELETE /products/:id- Delete product(authenticated)
- JWT authentication with expiration
- Password hashing with bcryptjs
- Input validation with Joi
- XSS protection with DOMPurify
- Rate limiting per IP
- CORS configuration
- Security headers (Helmet.js)
- HTTP Parameter Pollution protection
- Protected API routes
react@18.3.1- UI libraryreact-router@7.13.0- Routingaxios@1.13.4- HTTP requests@mui/material@7.3.7- UI componentsreact-quill@2.0.0- Rich text editor
express@5.2.1- Web frameworkmongoose@9.1.5- MongoDB ODMjsonwebtoken@9.0.3- JWT authenticationjoi@18.0.2- Schema validationbcryptjs@3.0.3- Password hashing
- Configured for Vercel (see
client/vercel.json) - Build output:
dist/directory - Environment variables in Vercel dashboard
- Deploy to Render
- Set environment variables in hosting platform
- Ensure MongoDB connection from server is allowed
- Create a feature branch (
git checkout -b feature/YourFeature) - Commit changes (
git commit -m 'Add YourFeature') - Push to branch (
git push origin feature/YourFeature) - Open a Pull Request
Sankalp Patel
Last Updated: February 2026