Complete REST API for Borderlands 3 equipment management with six entities (weapons, vault_hunters, shields, relics, grenades, classmods) including full CRUD operations, advanced validation, authentication, pagination, sorting, and search functionality.
- ✅ 6 CRUD entities: weapons, vault-hunters, shields, relics, grenades, classmods
- ✅ Advanced validation: Regex patterns, logical validation, centralized middleware
- ✅ Authentication: JWT-based auth system with protected endpoints
- ✅ Search & pagination: Multi-field search with limit/offset
- ✅ Sorting: Sort by any field with asc/desc order
- ✅ Security: Helmet, CORS, input validation, SQL injection protection
- ✅ Documentation: Complete HTML documentation at root endpoint
- Node.js ≥20.0.0
- npm
# Clone repository
git clone <repository-url>
cd Backend-Web-Node.js
# Install dependencies
npm install
# Setup database
npx knex migrate:latest
npx knex seed:run
# Start development server
npm run dev
# Start production server
npm startCreate a .env file in root directory based on .env.example:
PORT=3000
NODE_ENV=development
DATABASE_PATH=./data/db.sqlite3
JWT_SECRET=your-super-secret-jwt-key-change-in-production-please
JWT_EXPIRES_IN=24h
BCRYPT_ROUNDS=12Important: Always set a secure JWT_SECRET in production!
POST /api/auth/login- Login and get JWT tokenGET /api/auth/me- Get current user (requires auth)POST /api/auth/logout- Logout and invalidate token (requires auth)
GET /api/weapons- List weapons with pagination, search, and sortingPOST /api/weapons- Create weapon (requires auth)GET /api/weapons/:id- Get weapon by IDPUT /api/weapons/:id- Update weapon (requires auth)DELETE /api/weapons/:id- Delete weapon (requires auth)
Similar endpoints available for:
/api/vault-hunters/api/shields/api/relics/api/grenades/api/classmods
limit(1-100, default 25) - Results per pageoffset(>=0, default 0) - Pagination offsetsort- Field to sort by (name, rarity, etc.)order(asc/desc, default asc) - Sort directionq- Search across multiple fields
Visit http://localhost:3000 for complete API documentation with examples.
- Admin: username:
admin, password:admin123 - User: username:
user, password:user123
npm run dev- Start with nodemon for developmentnpm start- Start production servernpm run migrate- Run database migrationsnpm run seed- Populate database with sample data
src/
├── server.js # Server startup and environment validation
├── app.js # Express app factory (middleware, routes, error handlers)
├── db/
│ └── knex.js # Database configuration
├── middleware/
│ ├── auth.js # Authentication middleware
│ └── validation.js # Centralized validation
├── routes/
│ ├── index.js # Routes export file
│ ├── auth.js # Authentication routes
│ ├── weapons.js # Weapon CRUD routes
│ ├── vaultHunters.js # Vault Hunter CRUD routes
│ ├── shields.js # Shield CRUD routes
│ ├── relics.js # Relic CRUD routes
│ ├── grenades.js # Grenade CRUD routes
│ └── classmods.js # Class Mod CRUD routes
└── utils/
├── constants.js # Application constants
├── crudHandler.js # Reusable CRUD operations
├── envValidation.js # Environment validation
├── responseHelper.js # Standardized response helper
└── tokenBlacklist.js # Token blacklist for logout
- JWT-based authentication with token invalidation
- Token blacklist for logout functionality
- Input validation and sanitization
- SQL injection prevention
- CORS protection
- Security headers (Helmet)
- Request size limiting (10MB)
- Response compression
- Rate limiting ready
This project was developed using the following resources:
- Express.js Documentation: https://expressjs.com/ - Web framework for Node.js
- express-validator Documentation: https://express-validator.github.io/ - Input validation and sanitization
- Knex.js Documentation: https://knexjs.org/ - SQL query builder
- SQLite Documentation: https://www.sqlite.org/index.html - Database engine
- JWT Documentation: https://jwt.io/ - JSON Web Tokens for authentication
- bcryptjs Documentation: https://www.npmjs.com/package/bcryptjs - Password hashing
- Helmet.js: https://helmetjs.github.io/ - Security headers for Express
- CORS Documentation: https://www.npmjs.com/package/cors - Cross-origin resource sharing
- Node.js Best Practices: https://github.com/goldbergyoni/nodebestpractices
- REST API Design Guidelines: https://restfulapi.net/
- Express.js Patterns: Various Stack Overflow and MDN Web Docs references
- CRUD pattern implementation based on Express.js best practices
- JWT authentication pattern from express-jwt documentation examples
- Validation middleware pattern from express-validator examples
- Database migration patterns from Knex.js documentation
MIT License - see LICENSE file for details.