Architecture Document

Royal Looms
Full Project Architecture

Infrastructure · API · Frontend · Database · Auth
Backend Active
Frontend Deployed
Keycloak Partial
Tech Stack
Frontend: React 18 + Vite
Backend: Node + Express
ORM: Prisma
DB: AWS RDS PostgreSQL
Auth: JWT + Keycloak 26
Hosting: GoViralHost + AWS EC2
🏗

Infrastructure Overview

01
Internet: Public Traffic
GoViralHost — Shared: test.royallooms.com · React Frontend (Vite build)
AWS EC2 — app-ec2: api.royallooms.com · 35.175.222.160 · Node.js + Express · PM2 :5000
AWS RDS: PostgreSQL · royal-looms-app-db · us-east-1
AWS EC2 — keycloak-ec2: auth.royallooms.com · 3.80.67.65 · Keycloak 26 · :8090
API routes: REST /api/* (Storefront + Admin)  |  GraphQL /graphql (Admin legacy, phasing out)  |  Nginx SSL proxy on Keycloak
🌐

Public REST API Routes

02
⊙ No Auth Required Base: /api/*
Method Route Description
GET /api/products List products — filter, search, sort, paginate
GET /api/products/featured Featured products
GET /api/products/new-arrivals New arrivals
GET /api/products/best-sellers Best sellers
GET /api/products/search Quick search
GET /api/products/:slug Single product by slug
GET /api/categories Full category tree
GET /api/categories/:slug/products Products filtered by category
GET /api/homepage/banners Hero banners
GET /api/homepage/promo-banners Promo banners
GET /api/homepage/sections Homepage sections config
GET /api/homepage/announcement Announcement bar
GET /api/pages/:slug CMS page content
GET /api/settings/public Store name, contact, shipping info
POST /api/orders Place order (COD / online)
GET /api/orders/:orderId Track order by ID
GET /api/products/:id/reviews Product reviews
POST /api/reviews Submit product review
POST /api/coupons/validate Validate coupon code
POST /api/auth/register Customer registration
POST /api/auth/login Customer login — returns JWT
🔐

Admin REST API Routes

03
⚿ Auth Required Base: /api/admin/*
Route Group Features
/auth Login, me, change-password, logout
/dashboard Stats: orders, revenue, customers, low-stock
/products CRUD, bulk action, status toggle, export Excel
/categories CRUD, nested tree management
/orders List, detail, status update, cancel, invoice PDF, export
/customers List, detail, block/unblock, add note
/coupons CRUD — percent/flat, min order, usage limits
/banners CRUD with image upload and scheduling
/reviews Approve/reject, reply, auto-approve setting
/pages CMS page CRUD with rich text
/settings Store info, SMTP, payment keys, shipping defaults
/shipping Shipping zones by state
/payments Razorpay / COD / Bank transfer config
/homepage Section ordering, featured products
/staff Staff account management
/media Image library — upload and delete
/reports Sales, products, orders, customers, coupons, categories
/upload Product image upload
🗄

Database Models

04
PostgreSQL via Prisma ORM  ·  JSONB used for images, variants, items, timeline, address
User: Customers + admin/staff accounts
Category: Nested tree via parentId self-relation
Product: Images, variants, ratings as JSONB
Order: Items, timeline, address as JSONB
Review: Product reviews with moderation
Coupon: Percent/flat, date-limited, usage-tracked
Banner: Hero + promo banners with scheduling
Media: Uploaded image library
Page: CMS pages — About, Terms, etc.
Settings: Singleton: store config, SMTP, payments
ShippingZone: State-wise shipping rate definitions
🔑

Authentication Systems

05
JWT (adminAuth.js): Admin panel login · rl_admin_token → localStorage
Keycloak OIDC: Customer login — Google + email/password · ReactKeycloakProvider
📱

Frontend — Customer Pages

06
Route Page Key Features
/ Homepage Banners, featured products, stories, announcement bar
/collections Collections Filters, search, infinite scroll, QuickView, sort
/product/:id Product Detail Images, attributes, reviews, delivery estimator, WhatsApp CTA
/cart Cart Item list, subtotal
/checkout Checkout Keycloak auth gate, address form, coupon, COD
/wishlist Wishlist Saved products
/heritage Heritage/About Brand story
/auth Auth Login/Register via Keycloak
/help Help FAQs, contact
⚙️

Admin Panel Pages

07
Route Page
/admin/dashboard Revenue, orders, customer stats
/admin/products Product list with filters
/admin/products/new Product create form
/admin/products/:id/edit Product edit form
/admin/categories Category tree management
/admin/orders Order list + detail view
/admin/customers Customer management
/admin/coupons Coupon management
/admin/banners Banner upload and scheduling
/admin/reviews Review moderation
/admin/pages CMS page editor
/admin/shipping Shipping zones
/admin/payments Payment settings
/admin/reports Sales / product / customer reports
/admin/media Image library
/admin/settings Store settings

State Management

08
CartContext: Cart items, cartOpen / openCart / closeCart
WishlistContext: Wishlisted product IDs
AdminAuthContext: Admin JWT token + user info
ReactKeycloakProvider: Customer Keycloak OIDC session

Complete Request Flow

09
Storefront requests: test.royallooms.com → React App (GoViralHost) → storefrontApi → api.royallooms.com/api/* → Express routes/public.js → Prisma → AWS RDS
Admin requests: /admin/login → adminApi → api.royallooms.com/api/admin/* → JWT middleware → Prisma → AWS RDS
Customer auth / checkout: /checkout → Keycloak gate → auth.royallooms.com → Google OAuth + Email/Password
📋

Implementation Status

10
Working Now
Admin login + full CRUD (products, orders, categories)
Storefront API — products, categories, homepage
Order placement (COD)
Customer JWT auth (register/login)
Image uploads via /uploads on api.royallooms.com
Keycloak OIDC — customer auth gate on checkout
Pending / In Progress
Google social login (Keycloak — paused at "Add Google provider")
Add test users in Google Cloud Console
Razorpay online payment integration
Email notifications (SMTP config in settings)
📜

API Contract & Data Structures

11
Standard Response: { success: boolean, data?: any, message?: string, pagination?: object }
Auth & Validation
POST /api/auth/register — name, email, password required. 400 if email exists.
POST /api/auth/login — 401 on incorrect creds. 403 if blocked. Returns JWT.
POST /api/admin/auth/* — Requires role [admin, staff]. 401 if inactive.
Order Mechanics
POST /api/orders — Requires customerInfo, deliveryAddress, items.
Calculations — Server calculates subtotal, max discount limits, shipping & GST.
Auto-Action — status="Delivered" auto-updates paymentStatus="Paid".
JSONB Structure Shape Example / Description
Product.images [{ "url": "/uploads/img.jpg", "isPrimary": true, "altText": "" }]
Product.variants [{ "name": "Color", "options": [{ "value": "Red", "additionalPrice": 0, "stock": 5 }] }]
Product.ratings { "avg": 4.2, "count": 15, "distribution": { "one": 0, "five": 7 } }
Order.items [{ "productId": "cuid", "quantity": 1, "unitPrice": 4999, "subtotal": 4999 }]
Order.timeline [{ "status": "Pending", "timestamp": "ISO", "note": "Order placed" }]
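The Order Mechanics rule above (the server calculates subtotal, discount limits, shipping and GST), as an added example that is not the project's own code: the client's unitPrice and subtotal are discarded and the Order.items entries are rebuilt from stored product data. The product price field, the per-item variant selection, the coupon field names, the flat shipping amount and the GST rate are assumptions made for illustration.

```javascript
// Added example, not Royal Looms code. Assumed (not on the page): product.price,
// a per-item `variant` selection, coupon field names, flat shipping, GST_RATE.
const GST_RATE = 0.05; // assumed rate, illustration only

function priceOrder(clientItems, catalog, coupon, shipping) {
  if (!Array.isArray(clientItems) || clientItems.length === 0) {
    throw new Error('items required');
  }
  const items = clientItems.map((ci) => {
    const product = catalog.get(ci.productId); // Map lookup: no prototype keys
    if (!product) throw new Error('unknown product');
    if (!Number.isInteger(ci.quantity) || ci.quantity < 1) {
      throw new Error('quantity must be a positive integer');
    }
    // Resolve each chosen option against the stored Product.variants JSONB.
    let extra = 0;
    for (const [name, value] of Object.entries(ci.variant || {})) {
      const group = product.variants.find((v) => v.name === name);
      const opt = group && group.options.find((o) => o.value === value);
      if (!opt) throw new Error('invalid variant');
      if (ci.quantity > opt.stock) throw new Error('insufficient stock');
      extra += opt.additionalPrice;
    }
    // Client-sent unitPrice/subtotal are never read; both are rebuilt here.
    const unitPrice = product.price + extra;
    return { productId: ci.productId, quantity: ci.quantity, unitPrice,
             subtotal: unitPrice * ci.quantity };
  });
  const subtotal = items.reduce((sum, i) => sum + i.subtotal, 0);
  let discount = 0;
  if (coupon && subtotal >= coupon.minOrder) {
    const raw = coupon.type === 'percent' ? (subtotal * coupon.value) / 100 : coupon.value;
    discount = Math.min(Math.round(raw), coupon.maxDiscount, subtotal); // enforce cap
  }
  const gst = Math.round((subtotal - discount) * GST_RATE);
  return { items, subtotal, discount, shipping, gst,
           total: subtotal - discount + shipping + gst };
}

// Constructed sample data: a request body whose prices were altered client-side.
const sampleCatalog = new Map([['p1', { price: 4999, variants: [
  { name: 'Color', options: [{ value: 'Red', additionalPrice: 0, stock: 5 }] }] }]]);
const sampleCoupon = { type: 'percent', value: 50, minOrder: 1000, maxDiscount: 500 };
const tampered = [{ productId: 'p1', quantity: 2, unitPrice: 1, subtotal: 2,
                    variant: { Color: 'Red' } }];
console.log(priceOrder(tampered, sampleCatalog, sampleCoupon, 100).total);
```

Stock is checked here only for items that name a variant option, and amounts are treated as integers as in the page's unitPrice sample.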
Order Status Enum
Pending, Confirmed, Processing, Shipped, Delivered, Cancelled
Payment Status Enum
Pending, Paid, Failed, Refunded
API HTTP Codes
400 (Bad Input), 401 (Unauthorized), 403 (Forbidden), 404 (Not Found), 500