| Method | Endpoint | Description | Query / Params / Body | Auth |
|---|---|---|---|---|
| GET | /toys | Get toys list with filters, pagination, and sorting | Query: limit (default 10), skip (default 0), sort (field, default _id), reverse (yes / no), s (search name/info), category, user_id | No |
| GET | /toys/search | Search toys by name or exact price | Query: s | No |
| GET | /toys/category/:catname | Get toys by category | Param: catname | No |
| GET | /toys/prices | Get toys within a price range | Query: min (default 0), max (default Infinity) | No |
| GET | /toys/single/:id | Get a single toy by ID | Param: id | No |
| GET | /toys/count | Get total number of toys | — | No |
| POST | /toys | Create a new toy (owner is token user) | Body: name, info, category, img_url, price | User |
| PUT | /toys/:id | Update toy (owner only) | Param: id; Body: toy fields | User |
| DELETE | /toys/:id | Delete toy. Admin: delete any toy. User: delete own toy only. | Param: id | User / Admin |

| Method | Endpoint | Description | Body / Params | Auth |
|---|---|---|---|---|
| GET | /users | Users route health check | — | No |
| GET | /users/list | Get users list (password excluded) | Query: skip | Admin |
| GET | /users/userInfo | Get logged-in user profile | — | User |
| POST | /users | Register new user | Body: name, email, password | No |
| POST | /users/login | User login and JWT token creation | Body: email, password | No |
| PATCH | /users/changeRole/:user_id/:role | Change user role. Super admin protected. | Params: user_id, role | Admin |