ajaybor0 · bhushan-ai · Sep 10, 2025
diff --git a/backend/controllers/adminController.js b/backend/controllers/adminController.js
@@ -0,0 +1,87 @@
+import User from "../models/userModel.js";
+import bcrypt from "bcrypt";
+
+//get all admins
+export const fetchAllAdmins = async (req, res, next) => {
+  try {
+    const allAdmins = await User.find({ isAdmin: true });
+    if (!allAdmins || allAdmins === 0) {
+      res.statusCode = 404;
+      throw new Error("Admins not found.");
+    }
+
+    res.status(200).json({
+      message: "ALl Admin fetched.",
+      admins: allAdmins,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+//add new admin
+
+export const newAdmin = async (req, res, next) => {
+  try {
+    const { name, email, password } = req.body;
+    if (!name || !email || !password) {
+      res.statusCode = 400;
+      throw new Error("All fields are required");
+    }
+
+    const hashedPassword = await bcrypt.hash(password, 10);
+
+    const newAdmin = await User.create({
+      name,
+      email,
+      password: hashedPassword,
+      isAdmin: true,
+    });
+    res.status(201).json({
+      message: "new Admin created.",
+      admin: newAdmin,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const updateAdmin = async (req, res, next) => {
+  const { id } = req.params;
+  const { email, name } = req.body;
+  try {
+    const updateAdmin = await User.findByIdAndUpdate(
+      id,
+      {
+        name,
+        email,
+        isAdmin: true,
+      },
+      { new: true }
+    );
+
+    res.status(201).json({
+      message: " Admin Updated.",
+      admin: updateAdmin,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+export const deleteAdmin = async (req, res, next) => {
+  const { id } = req.params;
+  try {
+    const admin = await User.findByIdAndDelete(id);
+    if (!admin) {
+      res.statusCode = 404;
+      throw new Error("Admin not found");
+    }
+    res.status(200).json({
+      message: " Admin deleted.",
+      admin: admin,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
diff --git a/backend/routes/adminRoutes.js b/backend/routes/adminRoutes.js
@@ -0,0 +1,16 @@
+import express from "express";
+import {
+  deleteAdmin,
+  fetchAllAdmins,
+  newAdmin,
+  updateAdmin,
+} from "../controllers/adminController";
+
+const adminRouter = express.Router();
+
+adminRouter.get("/admin-list", fetchAllAdmins);
+adminRouter.post("/admin-list/create", newAdmin);
+adminRouter.put("/admin-list/update/:id", updateAdmin);
+adminRouter.delete("/admin-list/delete/:id", deleteAdmin);
+
+export default adminRouter;
diff --git a/backend/server.js b/backend/server.js
@@ -1,18 +1,19 @@
-import express from 'express';
-import path from 'path';
-import cookieParser from 'cookie-parser';
-import cors from 'cors';
-import compression from 'compression';
-import 'dotenv/config';
-
-import productRoutes from './routes/productRoutes.js';
-import userRoutes from './routes/userRoutes.js';
-import orderRoutes from './routes/orderRoutes.js';
-import uploadRoutes from './routes/uploadRoutes.js';
-import paymentRoutes from './routes/paymentRoutes.js';
-
-import connectDB from './config/db.js';
-import { notFound, errorHandler } from './middleware/errorMiddleware.js';
+import express from "express";
+import path from "path";
+import cookieParser from "cookie-parser";
+import cors from "cors";
+import compression from "compression";
+import "dotenv/config";
+
+import productRoutes from "./routes/productRoutes.js";
+import userRoutes from "./routes/userRoutes.js";
+import adminRouter from "./routes/adminRoutes.js";
+import orderRoutes from "./routes/orderRoutes.js";
+import uploadRoutes from "./routes/uploadRoutes.js";
+import paymentRoutes from "./routes/paymentRoutes.js";
+
+import connectDB from "./config/db.js";
+import { notFound, errorHandler } from "./middleware/errorMiddleware.js";
 
 const port = process.env.PORT || 5000;
 
@@ -28,24 +29,26 @@ app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 
 const __dirname = path.resolve(); // Set {__dirname} to current working directory
-app.use('/uploads', express.static(path.join(__dirname, 'uploads')));
-
-app.use('/api/v1/products', productRoutes);
-app.use('/api/v1/users', userRoutes);
-app.use('/api/v1/orders', orderRoutes);
-app.use('/api/v1/upload', uploadRoutes);
-app.use('/api/v1/payment', paymentRoutes);
+app.use("/uploads", express.static(path.join(__dirname, "uploads")));
+
+app.use("/api/v1/products", productRoutes);
+app.use("/api/v1/users", userRoutes);
+//admin endpoints
+app.use("/api/v1/admin", adminRouter);
+app.use("/api/v1/orders", orderRoutes);
+app.use("/api/v1/upload", uploadRoutes);
+app.use("/api/v1/payment", paymentRoutes);
 //-------------------------------------
-if (process.env.NODE_ENV === 'production') {
-  app.use(express.static(path.join(__dirname, '/frontend/build')));
+if (process.env.NODE_ENV === "production") {
+  app.use(express.static(path.join(__dirname, "/frontend/build")));
 
   //any app route that is not api will redirected to index.html
-  app.get('*', (req, res) => {
-    res.sendFile(path.resolve(__dirname, 'frontend', 'build', 'index.html'));
+  app.get("*", (req, res) => {
+    res.sendFile(path.resolve(__dirname, "frontend", "build", "index.html"));
   });
 } else {
-  app.get('/', (req, res) => {
-    res.send('Hello, World!');
+  app.get("/", (req, res) => {
+    res.send("Hello, World!");
   });
 }