Production: https://your-railway-app.up.railway.app/api
Local: http://localhost:5017/api
JWT Bearer token required for protected routes.
Header format: Authorization: Bearer <token>
POST /account/register - Create customer account
POST /account/login - Authenticate customer, receive JWT
POST /account/admin-login - Authenticate admin, receive JWT
GET /account/profile - Get current customer profile
PUT /account/profile - Update profile
GET /account/addresses - Get customer shipping addresses
POST /account/addresses - Add shipping address

GET /products - List all active products (paginated, sortable, filterable)
GET /products/{slug} - Get product details, variants, images, and reviews
GET /categories - List all active categories

POST /cart/validate - Validate cart items against current stock and prices
POST /checkout - Process order and generate mock Stripe intent

GET /orders/my - List customer's orders
GET /orders/my/{id} - Get specific order details

GET /admin/analytics/overview - Dashboard statistics
GET /admin/analytics/revenue - Revenue chart data
GET /admin/orders - Management view of all orders
PATCH /admin/orders/{id}/status - Update order status (Pending → Processing → Shipped → Delivered)
POST /admin/products - Create new product
PUT /admin/products/{id} - Update product
GET /admin/customers - View customer accounts and metrics
GET /admin/reviews - Moderate product reviews