Version 1.0.0

Chinni Treasure API

RESTful API for the Chinni Treasure — Little Love luxury e-commerce platform. Supports product catalog browsing, order placement and tracking, admin dashboard analytics, and secure JWT-based administrator authentication.

Authentication

Admin login and session management

Products

Product catalog CRUD operations

Orders

Order placement, listing, and status management

Tracking

Public order tracking by order ID or phone

Analytics

Admin dashboard statistics

POST/api/auth/login

Authentication

Admin login

adminLogin

Request Body *

application/json

usernameRequired

string

Admin username

passwordRequired

string

Admin password

{
  "username": "admin",
  "password": "your-password"
}

Responses

200

400

Missing required fields

401

Invalid credentials

429

Rate limited — 5 attempts per minute per IP

POST/api/auth/logout

Authentication

Admin logout

adminLogout

Responses

200

Session cookie cleared

GET/api/auth/me

Authentication

Check current session

getSession

Responses

200

User is authenticated

401

No valid session

GET/api/products

Products

List active products

listProducts

Responses

200

Array of active products with category info

POST/api/products

Products

Create a product (admin only)

createProductAdmin session required

Request Body *

application/json

sku

string

Stock keeping unit

nameRequired

string

Product name

categoryId

integer | null

description

string | null

priceRequired

number

Product price

stockQuantity

integer

imageUrl

string | null

badge

string | null - bestseller, new, premium, limited, luxury

Responses

201

Product created successfully

400

Name and price are required

401

Unauthorized

PUT/api/products/{id}

Products

Update a product (admin only)

updateProductAdmin session required

Parameters

idpathstring:uuidRequired

Request Body

application/json

sku

string

name

string

categoryId

integer | null

description

string | null

price

number

stockQuantity

integer

imageUrl

string | null

badge

string | null - bestseller, new, premium, limited, luxury

isActive

boolean

Responses

200

Product updated

401

Unauthorized

DELETE/api/products/{id}

Products

Soft-delete a product (admin only)

deleteProductAdmin session required

Parameters

idpathstring:uuidRequired

Responses

200

Product deactivated

401

Unauthorized

GET/api/orders

Orders

List orders with pagination (admin only)

listOrdersAdmin session required

Parameters

pagequeryintegerOptional

limitqueryintegerOptional

statusquerystringOptional

Responses

200

Paginated list of orders

401

Unauthorized

POST/api/orders

Orders

Place a new order (public)

createOrder

Request Body *

application/json

customerNameRequired

string

customerEmailRequired

string:email

customerPhoneRequired

string

10-digit phone

addressLine1Required

string

addressLine2

string | null

cityRequired

string

stateCodeRequired

string

2-letter Indian state code

postalCodeRequired

string

6-digit PIN

transactionIdRequired

string

customerNotes

string | null

itemsRequired

object[]

Responses

201

Order created successfully

400

Missing required fields or insufficient stock

404

Product not found

409

Conflict — retry your order

GET/api/orders/{id}

Orders

Get a single order by ID (public)

getOrder

Parameters

idpathstring:uuidRequired

Responses

200

Full order with items and status history

404

Order not found

PATCH/api/orders/{id}/status

Orders

Update order status (admin only)

updateOrderStatusAdmin session required

Parameters

idpathstring:uuidRequired

Request Body *

application/json

statusRequired

string - approved, packaging, shipped, delivered, rejected

trackingId

string

Required when status is 'shipped'

notes

string

expectedVersion

integer

For optimistic concurrency control

Responses

200

Order status updated

400

Tracking ID required for shipped, or invalid transition

401

Unauthorized

404

Order not found

409

Version conflict — order was modified by another request

GET/api/stats

Analytics

Dashboard statistics (admin only)

getDashboardStatsAdmin session required

Responses

200

Dashboard stats, chart data, and product sales

401

Unauthorized

GET/api/track

Tracking

Track orders by order number or phone (public)

trackOrder

Parameters

orderIdquerystringOptional

phonequerystringOptional

Responses

200

Matching orders with item details

400

Provide orderId or phone parameter

Loading API documentation…