Preview : https://movie-reservation-1-4uao.onrender.com
A full‑stack app to browse movies and book reservations. Frontend built with React (CRA). Backend built with Express. Auth uses JWT and passwords are hashed with bcrypt. Data is currently stored in‑memory for users and reservations.
- Auth: Register, Login, JWT issuance, basic profile update
- Reservations: Create, list, cancel, and get reservations for the logged‑in user
- CORS: Locked to
http://localhost:3000and deployed origin (configurable) - DX: Clear project structure with
frontend/andserver/
movie-reservation project/
├─ frontend/
│ ├─ public/
│ └─ src/
│ ├─ components/ # UI components (hero section, header, sliders, etc.)
│ └─ pages/ # Pages (Home, Login, Registration, Profile, etc.)
└─ server/
├─ app.js # Express app, auth routes, CORS, router mounting
├─ reservation.js # Reservation API routes
└─ utils/auth.js # JWT helper
cd server
npm install
# .env (create in ./server)
# JWT_SECRET=your_secret_here
# PORT=5000 # optional (defaults to 5000)
npm start
# API available at http://localhost:5000cd frontend
npm install
npm start
# App at http://localhost:3000Set up the required environment variables for both backend and frontend.
Create a .env file inside the server/ directory:
# server/.env
JWT_SECRET=your_secret_here
PORT=5000Windows (PowerShell) quick setup:
Set-Location server
"JWT_SECRET=change_me`nPORT=5000" | Out-File -Encoding ascii -NoNewline .env
Get-Content .envNotes:
JWT_SECRETis used to sign JSON Web Tokens.PORTis optional; defaults to 5000 if not provided.
You already have an example at frontend/.env_example.
Create .env using the example:
Set-Location ../frontend
Copy-Item .env_example .env
Get-Content .envVariables:
# frontend/.env
REACT_APP_TMDB_API_KEY=your_api_key_here
REACT_APP_API_URL=http://localhost:5000Notes:
- CRA only exposes variables prefixed with
REACT_APP_to the client. - Keep
.envfiles out of version control (already handled by.gitignore). - For Render deploys, set
REACT_APP_API_URLto your backend service URL (example:https://movie-reservation-z2nv.onrender.com) and redeploy frontend.
- Register or login to receive a JWT
- Include the token when calling protected endpoints:
Authorization: Bearer <your_jwt>
Content-Type: application/json
Base URL: http://localhost:5000
-
Health
GET /→{ message: 'Movie Reservation API is running!' }GET /api/test→ quick test response
-
Auth & User (in‑memory)
POST /api/register→ body:{ username, email, password }- returns:
{ token, user }
- returns:
POST /api/login→ body:{ email, password }- returns:
{ token, user }
- returns:
POST /api/userInfo→ body:{ userId }(requires valid token inAuthorizationheader)PATCH /api/changeInfo→ body:{ userId, newEmail, newName }(requires token)
-
Reservations (mounted at
/api/reservation, requires token)POST /api/reservation/- body:
{ movieId, theaterId, seats[], totalPrice, isLoggedIN, movieName, moviePoster, theaterName, movieDuration, movieGenre, showtime, bookingDate } - creates reservation
- body:
GET /api/reservation/all→ returns all reservations (debug)POST /api/reservation/id→ returns reservations for current userDELETE /api/reservation/delete/:id→ cancels reservation (sets status tocancelled)
-
Backend (
server/package.json)npm start→node app.js
-
Frontend (
frontend/package.json)npm start→ start CRA dev servernpm run build→ production buildnpm test→ run testsnpm run eject→ eject CRA
Allowed origins in server/app.js:
https://movie-reservation-1.onrender.com
http://localhost:3000
Adjust allowedOrigins in server/app.js as needed.
- Current storage is in‑memory. Restarting the server clears users and reservations.
- Add persistent storage (MongoDB/Mongoose) and move auth to DB
- Add validation & rate limiting for production readiness
- Add .env handling in frontend for API base URL if needed
MIT