moxie-backend/README.md
Z User 55335f14e7 Initial commit: Express backend with user management and SQLite database
Features:
- Express server on port 9991 with ESM syntax
- User registration, login, and session management
- Password hashing with bcryptjs
- SQLite database with sqlite3 package
- User credits and transaction tracking
- API key management
- Admin endpoints for user management
- Stripe and PayPal webhook endpoints (ready for integration)
- Rate limiting and error handling
- CORS and security headers with helmet

Database tables:
- users (accounts, subscriptions, credits)
- sessions (auth tokens)
- api_keys (user API access)
- credit_transactions (credit history)
- payments (payment tracking)
2026-03-27 21:33:56 +00:00


# Moxie Backend
Express.js backend API for user management of an AI site, built with ESM syntax and a SQLite database.
## Features
- **User Management**: Registration, authentication, profile management
- **Credit System**: Track and manage user credits
- **API Keys**: Generate and manage API keys for programmatic access
- **Payment Webhooks**: Ready for Stripe and PayPal integration
- **Admin Endpoints**: User management for administrators
- **SQLite Database**: Lightweight, file-based storage
## Quick Start
```bash
# Install dependencies
npm install
# Start the server
npm start
# Start in development mode (with auto-reload)
npm run dev
```
The server runs on port 9991 by default.
## API Endpoints
### Public Endpoints
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/health` | Health check |
| GET | `/api` | API information |
| POST | `/api/users/register` | Register a new user |
| POST | `/api/users/login` | Login and get session token |
### Authenticated Endpoints
All authenticated endpoints require an `Authorization: Bearer <token>` header.
| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/api/users/logout` | Logout and invalidate session |
| GET | `/api/users/me` | Get current user profile |
| PUT | `/api/users/me` | Update profile |
| PUT | `/api/users/me/password` | Change password |
| DELETE | `/api/users/me` | Delete account |
| GET | `/api/users/credits` | Get credits and history |
| GET | `/api/users/api-keys` | List API keys |
| POST | `/api/users/api-keys` | Create new API key |
| DELETE | `/api/users/api-keys/:keyId` | Revoke API key |
### Admin Endpoints
Requires `role: 'admin'` in the user record.
| Method | Endpoint | Description |
|--------|----------|-------------|
| GET | `/api/users` | List all users |
| GET | `/api/users/:userId` | Get user by ID |
| PUT | `/api/users/:userId` | Update user |
| DELETE | `/api/users/:userId` | Delete user |
| POST | `/api/users/:userId/credits` | Adjust user credits |
### Webhook Endpoints
| Method | Endpoint | Description |
|--------|----------|-------------|
| POST | `/api/webhooks/stripe` | Stripe webhook handler |
| POST | `/api/webhooks/paypal` | PayPal webhook handler |
## Database Schema
### Users Table
- `id` - Primary key (UUID)
- `email` - Unique email address
- `password_hash` - Bcrypt hashed password
- `name` - Display name
- `role` - User role ('user' or 'admin')
- `credits` - Available credits
- `subscription_status` - Subscription state
- `subscription_tier` - Subscription level
- `stripe_customer_id` - Stripe customer reference
- `paypal_customer_id` - PayPal customer reference
- `is_active` - Account status flag
### Sessions Table
- `id` - Session ID
- `user_id` - Foreign key to users
- `token_hash` - Session token
- `expires_at` - Token expiration
### API Keys Table
- `id` - Key ID
- `user_id` - Foreign key to users
- `key_hash` - Hashed API key
- `name` - Key name/description
- `is_active` - Key status
### Credit Transactions Table
- `id` - Transaction ID
- `user_id` - Foreign key to users
- `amount` - Credit amount (+/-)
- `type` - 'credit' or 'debit'
- `description` - Transaction description
### Payments Table
- `id` - Payment ID
- `user_id` - Foreign key to users
- `amount` - Payment amount
- `provider` - 'stripe' or 'paypal'
- `status` - Payment status
## Caddy Configuration
Add this to your Caddyfile to proxy the API:
```caddyfile
yourdomain.com {
    # Static site
    root * /path/to/static/site
    file_server

    # API proxy
    handle /api/* {
        reverse_proxy localhost:9991
    }
}
```
## Environment Variables
Create a `.env` file based on `.env.example`:
```env
PORT=9991
NODE_ENV=production
CORS_ORIGIN=https://yourdomain.com
# Stripe (when ready)
STRIPE_SECRET_KEY=sk_live_xxx
STRIPE_WEBHOOK_SECRET=whsec_xxx
# PayPal (when ready)
PAYPAL_CLIENT_ID=xxx
PAYPAL_CLIENT_SECRET=xxx
PAYPAL_WEBHOOK_ID=xxx
PAYPAL_MODE=live
```
## Payment Integration
### Stripe Setup
1. Create a Stripe account and get API keys
2. Add keys to environment variables
3. Create a webhook endpoint in Stripe dashboard pointing to `https://yourdomain.com/api/webhooks/stripe`
4. Copy the webhook signing secret to `STRIPE_WEBHOOK_SECRET`
### PayPal Setup
1. Create a PayPal Developer account
2. Create a REST API application
3. Add credentials to environment variables
4. Configure webhook in PayPal dashboard pointing to `https://yourdomain.com/api/webhooks/paypal`
## License
ISC