E-Commerce API Documentation

Comprehensive REST API for E-commerce Platform with Products, Services, and Logistics Management

Base URL: https://your-domain.com/api/v1

Quick Navigation

Authentication Products Orders Logistics Admin
Authentication Endpoints
POST /auth/update/product/details OWNER ONLY
Update product details (only product owner)

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID
POST /orders/logistics/history AUTH REQUIRED
Get logistics order history for a customer

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID
POST /orders/logistics/active/details AUTH REQUIRED
Get details of a specific active logistics order

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
POST /orders/logistics/history/details AUTH REQUIRED
Get details of a specific logistics order from history

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
Admin Endpoints
GET /admin/get/all/active/orders ADMIN ONLY
Get all active orders across all customers

Response

200 All active orders retrieved

{ "active_orders_admin": { "Products": [ { "order_key": "order_id", "data": { "Product_ID": ["product_id"], "Customer_ID": "customer_id", "Service_Status": "order_placed" } } ], "Services": [...], "Logistics": [...] } }
GET /admin/get/all/orders/history ADMIN ONLY
Get complete order history across all customers

Response

200 All order history retrieved

{ "orders_history_admin": { "Products": [ { "order_key": "order_id", "data": { "Product_ID": ["product_id"], "Service_Status": "Delivered", "Completion_Timestamp": "2025-01-01T00:00:00Z" } } ], "Services": [...], "Logistics": [...] } }
POST /admin/get/order/details ADMIN ONLY
Get detailed information about any order

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
order_type string Yes "Product", "Service", or "Logistics"
history boolean No Get from history (default: false)

Response

200 Order details retrieved

404 Order not found

Authentication & Security

Firebase Authentication

This API uses Firebase Authentication for user management. Most endpoints require authentication.

Authentication Header Format:
Authorization: Bearer {firebase_id_token}

Account Types

Account Type Permissions Description
Buyer Place orders, view own orders Standard customer account
Seller Create/manage products, all buyer permissions Merchant account for selling products
Admin View all orders, system management Administrative access

Order Authentication System

Each order is assigned a unique 4-digit authentication code for verification:

  • Codes are automatically generated (1000-9999)
  • Required for completing or cancelling orders
  • System prevents duplicate codes
  • Logistics orders also get tracking IDs (LOG-YYMMDD-XXXX format)

Error Handling

Status Code Description Common Causes
200 Success Request completed successfully
201 Created Resource created successfully
400 Bad Request Missing required fields, invalid data
401 Unauthorized Missing or invalid authentication token
403 Forbidden Insufficient permissions for action
404 Not Found Resource does not exist
500 Internal Server Error Server-side error, database issues
Integration Guide

React TypeScript Integration

// API Client Example interface ApiResponse<T> { status?: string; data?: T; error?: string; } class ECommerceAPI { private baseURL = 'https://your-domain.com/api/v1'; private authToken: string | null = null; setAuthToken(token: string) { this.authToken = token; } private async request<T>( endpoint: string, options: RequestInit = {} ): Promise<ApiResponse<T>> { const headers = { 'Content-Type': 'application/json', ...(this.authToken && { 'Authorization': `Bearer ${this.authToken}` }), ...options.headers, }; const response = await fetch(`${this.baseURL}${endpoint}`, { ...options, headers, }); return response.json(); } // Authentication methods async register(userData: { email: string; password: string; display_name: string; }) { return this.request('/auth/register', { method: 'POST', body: JSON.stringify(userData), }); } async login(credentials: { email: string; password: string }) { return this.request('/auth/login', { method: 'POST', body: JSON.stringify(credentials), }); } // Product methods async getProducts() { return this.request('/auth/get/products'); } async createProduct(productData: any) { return this.request('/auth/create/product', { method: 'POST', body: JSON.stringify(productData), }); } // Order methods async placeProductOrder(orderData: any) { return this.request('/auth/place/product/order', { method: 'POST', body: JSON.stringify(orderData), }); } }

React Native Integration

// React Native API Service import AsyncStorage from '@react-native-async-storage/async-storage'; class ECommerceApiService { constructor() { this.baseURL = 'https://your-domain.com/api/v1'; } async getAuthToken() { return AsyncStorage.getItem('auth_token'); } async setAuthToken(token) { return AsyncStorage.setItem('auth_token', token); } async apiCall(endpoint, method = 'GET', body = null) { const token = await this.getAuthToken(); const headers = { 'Content-Type': 'application/json', }; if (token) { headers['Authorization'] = `Bearer ${token}`; } const config = { method, headers, }; if (body) { config.body = JSON.stringify(body); } try { const response = await fetch(`${this.baseURL}${endpoint}`, config); const data = await response.json(); if (!response.ok) { throw new Error(data.error || 'API request failed'); } return data; } catch (error) { console.error('API Error:', error); throw error; } } // Usage examples async registerUser(email, password, displayName) { return this.apiCall('/auth/register', 'POST', { email, password, display_name: displayName, }); } async getActiveOrders(customerId) { return this.apiCall('/orders/product/active', 'POST', { Customer_ID: customerId, }); } }

Common Workflows

User Registration & Setup Flow:
  1. POST /auth/register - Create user account
  2. Store returned idToken for authentication
  3. POST /auth/setup - Complete profile setup
  4. User can now access protected endpoints
Product Order Flow:
  1. GET /auth/get/products - Browse products
  2. POST /auth/place/product/order - Place order
  3. System generates authentication code
  4. POST /auth/complete/order - Complete with auth code
Seller Product Management:
  1. Ensure account type is "Seller" in setup
  2. POST /auth/create/product - Create products
  3. GET /auth/get/user/products - View own products
  4. POST /auth/update/product/details - Update products

Best Practices

  • Token Management: Securely store Firebase tokens, implement refresh logic
  • Error Handling: Always check response status codes and handle errors gracefully
  • Loading States: Show loading indicators during API calls
  • Validation: Validate user input before sending requests
  • Offline Support: Cache important data for offline usage
  • Security: Never expose sensitive data in client-side code
Database Structure

Firestore Collections

Collection Purpose Key Fields
users User profiles customer_id, full_name, email_address, user_account_type
Products Product catalog customer_id, productName, productPrice, storeLocation

Firebase Realtime Database Structure

Orders/ ├── {order_key}/ │ ├── CustomerProductOrders/ # Active product orders │ ├── CustomerServiceOrders/ # Active service orders │ ├── LogisticsOrders/ # Active logistics orders │ ├── ProductOrderHistory/ # Completed product orders │ ├── ServiceOrderHistory/ # Completed service orders │ ├── LogisticsOrderHistory/ # Completed logistics orders │ └── Orders_Service_Details/ # Authentication data

Order Status Flow

Order Type Initial Status Completion Status Cancellation Status
Product order_placed Delivered Cancelled
Service order_placed Fulfilled Cancelled
Logistics order_placed Shipped Cancelled
Parameter Type Required Description
product_id string Yes Product ID to update
Product_Name string No Updated product name
Product_Price string No Updated product price
Product_Description string No Updated product description
Store_Name string No Updated store name

Response

200 Product updated successfully

403 Unauthorized (not product owner)

404 Product not found

POST /auth/delete/create/product OWNER ONLY
Delete a product (only product owner)

Request Body

Parameter Type Required Description
product_id string Yes Product ID to delete

Response

200 Product deleted successfully

403 Unauthorized (not product owner)

404 Product not found

Order Management
POST /auth/place/product/order AUTH REQUIRED
Place a product order

Request Body

Parameter Type Required Description
Product_ID array No Array of product IDs
Customer_ID string No Customer ID
Customer_Address string No Delivery address
Customer_Email string No Customer email
Customer_Name string No Customer name
Customer_Phone string No Customer phone

Response

200 Order placed successfully

{ "status": "success", "order_key": "generated_order_key" }
Note: System automatically generates a 4-digit authentication code for order verification
POST /orders/product/active AUTH REQUIRED
Get active product orders for a customer

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID

Response

200 Active orders retrieved

{ "active_product_orders": [ { "order_key": "order_id", "data": { "Product_ID": ["product_id"], "Customer_ID": "customer_id", "Customer_Name": "John Doe", "Authentication_Code": 1234, "Service_Status": "order_placed", "TimeStamp": "2025-01-01T00:00:00Z" } } ] }
POST /orders/product/active/details AUTH REQUIRED
Get details of a specific active product order

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID

Response

200 Order details retrieved

404 Order not found

POST /orders/product/history AUTH REQUIRED
Get product order history for a customer

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID

Response

200 Order history retrieved

{ "product_orders_history": [ { "order_key": "order_id", "data": { "Product_ID": ["product_id"], "Service_Status": "Delivered", "Completion_Timestamp": "2025-01-01T00:00:00Z" } } ] }
POST /orders/product/history/details AUTH REQUIRED
Get details of a specific product order from history

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
POST /auth/place/service/order AUTH REQUIRED
Place a service order

Request Body

Parameter Type Required Description
Service_ID string No Service ID
Customer_ID string No Customer ID
Service_Description string No Service description
Customer_Address string No Service address
Customer_Email string No Customer email
Customer_Name string No Customer name
Customer_Phone string No Customer phone

Response

200 Service order placed successfully

POST /orders/service/active AUTH REQUIRED
Get active service orders for a customer

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID
POST /orders/service/history AUTH REQUIRED
Get service order history for a customer

Request Body

Parameter Type Required Description
Customer_ID string Yes Customer ID
POST /orders/service/active/details AUTH REQUIRED
Get details of a specific active service order

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
POST /orders/service/history/details AUTH REQUIRED
Get details of a specific service order from history

Request Body

Parameter Type Required Description
order_key string Yes Order key/ID
POST /auth/complete/order AUTH REQUIRED
Complete an order using authentication code

Request Body

Parameter Type Required Description
Authentication_Code integer Yes 4-digit auth code
Customer_ID string Yes Customer ID
Product_ID array No For product orders
Service_ID string No For service orders
Tracking_ID string No For logistics orders

Response

200 Order completed successfully

404 No matching order found

Note: Provide the appropriate ID field based on order type (Product_ID, Service_ID, or Tracking_ID)
POST /auth/cancel/order AUTH REQUIRED
Cancel an order using authentication code

Request Body

Same parameters as complete order endpoint

Response

200 Order cancelled successfully

404 No matching order found

Logistics Management
POST /auth/book/logistics AUTH REQUIRED
Book a logistics/shipping service

Request Body

Parameter Type Required Description
Customer_ID string No Customer ID
Customer_Address string No Pickup/delivery address
Customer_Email string No Customer email
Customer_Name string No Customer name
Customer_Phone string No Customer phone
Package_Weight string No Package weight
Shipment_Type string No Type of shipment
Package_Description string No Package description

Response

200 Logistics service booked successfully

{ "status": "success", "order_key": "generated_order_key" }
Note: System automatically generates a tracking ID in format: LOG-YYMMDD-XXXX
POST /orders/logistics/active AUTH REQUIRED
Get active logistics orders for a customer

Request Body

register
Register a new user account

Request Body

Parameter Type Required Description
email string Yes User's email address
password string Yes User's password (min 6 chars)
display_name string Yes User's display name

Example Request

{ "email": "user@example.com", "password": "securepassword123", "display_name": "John Doe" }

Response

201 Registration successful

{ "uid": "user_id_string", "email": "user@example.com", "display_name": "John Doe", "idToken": "jwt_token", "refreshToken": "refresh_token", "expiresIn": "3600", "profile": {} }

400 Missing required fields

POST /auth/login
Login with email and password

Request Body

Parameter Type Required Description
email string Yes User's email address
password string Yes User's password

Response

200 Login successful

401 Invalid credentials

POST /auth/logout AUTH REQUIRED
Logout and revoke refresh tokens

Headers

Header Value Description
Authorization Bearer {id_token} Firebase ID token

Response

200 Logout successful

401 Invalid token

POST /auth/setup AUTH REQUIRED
Complete user profile setup (Buyer/Seller)

Request Body (Common Fields)

Parameter Type Required Description
user_account_type string Yes "Buyer" or "Seller"
first_name string Yes User's first name
last_name string Yes User's last name
email_address string Yes User's email
phone_number string Yes User's phone number
home_address string Yes Street address
home_city string Yes City
home_state string Yes State/Province
home_country string Yes Country
home_zip_code string Yes ZIP/Postal code

Additional Fields for Sellers

Parameter Type Required Description
store_name string Yes Store name
store_hours array Yes Operating hours
store_description string Yes Store description
store_address string Yes Store address
store_city string Yes Store city
store_state string Yes Store state
store_country string Yes Store country
store_zip_code string Yes Store ZIP code
Note: All address fields are combined to create location strings in the format: "address, city, state, country, zip"
Product Management
POST /auth/create/product SELLER ONLY
Create a new product (Seller accounts only)

Request Body

Parameter Type Required Description
Store_Name string No Store name
Store_Hours array No Store operating hours
Product_Name string No Product name
Product_Price string No Product price
Store_Location string No Store location
Store_Description string No Store description
Product_Description string No Product description
Product_Order_Combination array No Product variants/combinations

Response

200 Product created successfully

{ "status": "success", "product_id": "generated_product_id" }

403 Unauthorized (Buyer accounts cannot create products)

GET /auth/get/products
Get all products (public endpoint)

Response

200 Products retrieved successfully

{ "products": [ { "product_id": "product_id", "customer_id": "seller_id", "storeName": "Store Name", "storeHours": ["9AM-5PM"], "productName": "Product Name", "productPrice": "99.99", "storeLocation": "Store Location", "storeDescription": "Store Description", "productDescription": "Product Description", "productOrderCombination": [], "created_at": "timestamp", "updated_at": "timestamp" } ] }
GET /auth/get/user/products AUTH REQUIRED
Get products created by the authenticated user

Response

200 User products retrieved successfully

{ "user_products": [...] }
POST /auth/get/product/details
Get details of a specific product

Request Body

Parameter Type Required Description
product_id string Yes Product ID to retrieve

Response

200 Product details retrieved

404 Product not found