A Node.js backend API with a complete Admin Panel CMS for managing ads data, built with Express.js.
- RESTful API architecture
- Express.js web framework
- Full-featured Admin Panel CMS
- B2B User Registration System with Admin Approval
- User Management Dashboard
- JWT-based authentication
- CRUD operations for ads management
- User approval workflow (pending, approved, rejected)
- Beautiful responsive UI
- CORS enabled
- Security headers with Helmet
- Request logging with Morgan
- Environment-based configuration
- Error handling middleware
- Health check endpoint
ads-data/
├── public/ # Static files
│ ├── css/ # Stylesheets
│ │ └── style.css
│ ├── js/ # Client-side JavaScript
│ │ ├── admin.js
│ │ ├── login.js
│ │ └── register.js
│ ├── admin.html # Admin dashboard (Ads & User Management)
│ ├── login.html # Login page
│ └── register.html # B2B registration page
├── src/
│ ├── config/ # Configuration files
│ ├── controllers/ # Request handlers
│ │ ├── adsController.js
│ │ ├── authController.js
│ │ └── userController.js
│ ├── middleware/ # Custom middleware (auth, error handling)
│ ├── models/ # Data models
│ │ ├── adsData.js
│ │ └── userData.js
│ ├── routes/ # API routes
│ │ ├── adminRoutes.js
│ │ ├── authRoutes.js
│ │ └── adsRoutes.js
│ ├── utils/ # Utility functions
│ ├── app.js # Express app setup
│ └── server.js # Server entry point
├── .env.example # Example environment variables
├── .gitignore
├── package.json
└── README.md
- Node.js (v14 or higher)
- npm or yarn
- Clone the repository:

      git clone https://github.com/sarvarjafarov/ads-data.git
      cd ads-data

- Install dependencies:

      npm install

- Create environment file:

      cp .env.example .env

- Configure your environment variables in .env:

      PORT=3000
      NODE_ENV=development
      CORS_ORIGIN=*
      # JWT Configuration
      JWT_SECRET=your-secret-key-change-in-production
      JWT_EXPIRE=7d
      # Admin Credentials (change in production!)
      ADMIN_USERNAME=admin
      ADMIN_PASSWORD=admin123

Development mode (with auto-reload):

    npm run dev

Production mode:

    npm start

The server will start on http://localhost:3000
- Open your browser and navigate to: http://localhost:3000/admin/login
- Login with default credentials:
  - Username: admin
  - Password: admin123
- After successful login, you'll be redirected to the admin dashboard where you can:
  - Ads Management Tab:
    - View all ads in a table format
    - Create new ads
    - Edit existing ads
    - Delete ads
    - Filter and manage ad status (active, inactive, draft)
  - User Management Tab:
    - View all registered B2B users
    - Approve pending user registrations
    - Reject user registrations
    - Filter users by status (all, pending, approved, rejected)
    - Delete users
    - Monitor user statistics
- Authentication: Secure JWT-based authentication
- Dashboard: Clean, modern interface with statistics and tabbed navigation
- Ads Management:
  - Complete CRUD operations
  - Image support for ads
  - Category organization (Electronics, Fashion, Home, etc.)
  - Status management (active, inactive, draft)
- User Management:
  - B2B user approval workflow
  - View pending registrations
  - Approve/reject users
  - User filtering by status
  - Delete user accounts
  - Protected admin account
- Responsive Design: Works on desktop, tablet, and mobile devices
- Navigate to the registration page: http://localhost:3000/register
- Fill out the registration form with:
  - Username
  - Business Email
  - Password
  - Company Name
  - Contact Person (optional)
  - Phone Number (optional)
- After submitting, your account will be created with pending status
- Wait for admin approval before you can login
- User Registers → Status: pending
- Admin Reviews → Admin can approve or reject
- User Approved → Status: approved → User can now login
- User Rejected → Status: rejected → User cannot login

- Users with pending status will see: "Your account is pending approval"
- Users with rejected status will see: "Your account has been rejected"
- Only approved users can access the system
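
The login-time approval check described above, sketched as an added example (not the project's own authController.js). The user records, field names, scrypt password storage and the 401/403 codes are assumptions; the two status messages are the ones listed above.

```javascript
const crypto = require('node:crypto');

// Hash a password with scrypt and a random per-user salt ("salt:hash", hex).
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const hash = crypto.scryptSync(password, salt, 64);
  return `${salt.toString('hex')}:${hash.toString('hex')}`;
}

// Recompute the hash with the stored salt and compare in constant time.
function verifyPassword(password, stored) {
  const [saltHex, hashHex] = stored.split(':');
  const expected = Buffer.from(hashHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Constructed sample users; the record shape is an assumption.
const users = new Map([
  ['alice', { passwordHash: hashPassword('correct horse'), status: 'approved' }],
  ['bob', { passwordHash: hashPassword('battery staple'), status: 'pending' }],
  ['carol', { passwordHash: hashPassword('tr0ub4dor'), status: 'rejected' }],
]);

// Unknown usernames are checked against this hash so they cost the same work.
const DUMMY_HASH = hashPassword('dummy');

const STATUS_MESSAGES = {
  pending: 'Your account is pending approval',
  rejected: 'Your account has been rejected',
};

// Returns { ok, code, message }. The approval status is disclosed only after
// the password verifies, so the status messages do not confirm which
// usernames exist to someone who lacks the password.
function checkLogin(username, password) {
  const user = users.get(username);
  const passwordOk = verifyPassword(password, user ? user.passwordHash : DUMMY_HASH);
  if (!user || !passwordOk) {
    return { ok: false, code: 401, message: 'Invalid credentials' };
  }
  if (user.status !== 'approved') {
    const message = STATUS_MESSAGES[user.status] || 'Account not approved';
    return { ok: false, code: 403, message };
  }
  return { ok: true, code: 200, message: 'Login allowed' };
}
```

Only a result with ok set to true should lead to a JWT being issued.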
- GET /api/health - Check server health status

- POST /api/auth/register - Register new B2B user (creates user with pending status)
- POST /api/auth/login - Login and get JWT token (checks approval status)
- POST /api/auth/logout - Logout (requires authentication)
- GET /api/auth/me - Get current user info (requires authentication)

- GET /api/ads - Get all ads
- GET /api/ads/:id - Get ad by ID
- POST /api/ads - Create new ad
- PUT /api/ads/:id - Update ad by ID
- DELETE /api/ads/:id - Delete ad by ID

Ads Management:
- GET /api/admin/ads - Get all ads (admin)
- GET /api/admin/ads/:id - Get ad by ID (admin)
- POST /api/admin/ads - Create new ad (admin)
- PUT /api/admin/ads/:id - Update ad by ID (admin)
- DELETE /api/admin/ads/:id - Delete ad by ID (admin)

User Management:
- GET /api/admin/users - Get all users (admin)
- GET /api/admin/users/pending - Get pending users (admin)
- GET /api/admin/users/:id - Get user by ID (admin)
- POST /api/admin/users/:id/approve - Approve user (admin)
- POST /api/admin/users/:id/reject - Reject user (admin)
- DELETE /api/admin/users/:id - Delete user (admin)
    curl http://localhost:3000/api/health

    curl -X POST http://localhost:3000/api/auth/register \
      -H "Content-Type: application/json" \
      -d '{
        "username": "johndoe",
        "email": "john@company.com",
        "password": "securepass123",
        "companyName": "Acme Corp",
        "contactPerson": "John Doe",
        "phone": "+1234567890"
      }'

    curl -X POST http://localhost:3000/api/auth/login \
      -H "Content-Type: application/json" \
      -d '{"username": "admin", "password": "admin123"}'

    curl -X POST http://localhost:3000/api/admin/users/USER_ID/approve \
      -H "Authorization: Bearer YOUR_JWT_TOKEN"

    curl http://localhost:3000/api/admin/users/pending \
      -H "Authorization: Bearer YOUR_JWT_TOKEN"

    curl -X POST http://localhost:3000/api/admin/ads \
      -H "Content-Type: application/json" \
      -H "Authorization: Bearer YOUR_JWT_TOKEN" \
      -d '{
        "title": "Sample Ad",
        "description": "This is a sample ad",
        "price": 99.99,
        "category": "Electronics",
        "status": "active"
      }'

    curl http://localhost:3000/api/ads

    curl -X PUT http://localhost:3000/api/admin/ads/1 \
      -H "Content-Type: application/json" \
      -H "Authorization: Bearer YOUR_JWT_TOKEN" \
      -d '{"title": "Updated Ad", "price": 149.99}'

    curl -X DELETE http://localhost:3000/api/admin/ads/1 \
      -H "Authorization: Bearer YOUR_JWT_TOKEN"

- Create a controller in src/controllers/
- Create a route file in src/routes/
- Register the route in src/routes/index.js
All errors are handled by the error handling middleware in src/middleware/errorHandler.js. Errors will return JSON responses with appropriate status codes.
- Change the JWT_SECRET in .env to a strong, random string
- Update admin credentials (ADMIN_USERNAME and ADMIN_PASSWORD)
- Set NODE_ENV=production
- Configure CORS_ORIGIN to your frontend domain
- Use HTTPS in production
- Consider adding rate limiting
- Implement proper password hashing for multiple users
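
A startup check that enforces the environment-variable items in this checklist, as an added example (not part of the project's code). The function names and the length thresholds are assumptions; the default values it rejects are the ones shown in the sample .env above.

```javascript
// Values from the sample .env that must not survive into production.
const EXAMPLE_DEFAULTS = {
  JWT_SECRET: 'your-secret-key-change-in-production',
  ADMIN_USERNAME: 'admin',
  ADMIN_PASSWORD: 'admin123',
};

// Returns a list of problems; an empty list means the environment passes.
function auditProductionEnv(env) {
  const problems = [];
  if (env.NODE_ENV !== 'production') {
    problems.push('NODE_ENV is not "production"');
  }
  const secret = env.JWT_SECRET || '';
  if (secret === EXAMPLE_DEFAULTS.JWT_SECRET) {
    problems.push('JWT_SECRET is still the sample value');
  } else if (secret.length < 32) { // assumed minimum length
    problems.push('JWT_SECRET is shorter than 32 characters');
  }
  if ((env.ADMIN_USERNAME || '') === EXAMPLE_DEFAULTS.ADMIN_USERNAME) {
    problems.push('ADMIN_USERNAME is still "admin"');
  }
  const password = env.ADMIN_PASSWORD || '';
  if (password === EXAMPLE_DEFAULTS.ADMIN_PASSWORD) {
    problems.push('ADMIN_PASSWORD is still the sample value');
  } else if (password.length < 12) { // assumed minimum length
    problems.push('ADMIN_PASSWORD is shorter than 12 characters');
  }
  const origin = env.CORS_ORIGIN || '';
  if (origin === '' || origin === '*') {
    problems.push('CORS_ORIGIN is unset or "*"');
  } else if (!origin.startsWith('https://')) {
    problems.push('CORS_ORIGIN is not an https:// origin');
  }
  return problems;
}

// Call with process.env before the server starts listening (assumed usage).
// Development runs are left alone; a production run with problems throws.
function assertSafeToStart(env) {
  if (env.NODE_ENV !== 'production') return;
  const problems = auditProductionEnv(env);
  if (problems.length > 0) {
    throw new Error('Refusing to start:\n- ' + problems.join('\n- '));
  }
}
```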
The application currently uses in-memory storage for demonstration purposes. All data will be lost when the server restarts.
- Add database integration (MongoDB, PostgreSQL, MySQL, etc.)
- ✅ Implement proper user management system (Completed: B2B registration with approval workflow)
- Add file upload for images
- Add input validation and sanitization
- Add email notifications for user approval/rejection
- Write unit and integration tests
- Add API documentation (Swagger/OpenAPI)
- Implement rate limiting
- Add caching layer
- Set up logging and monitoring
- Add password reset functionality
- Implement two-factor authentication (2FA)
ISC