RentNest Backend is a role-based property rental platform API built with Node.js, Express, TypeScript, Prisma, and PostgreSQL. It supports tenant, landlord, and admin workflows for property listing, rental requests, payments, reviews, and user management.
Production URL:
Local development:
- Base URL: http://localhost:5000
This backend powers a rental marketplace where:
- Tenants can browse properties, submit rental requests, pay for approved rentals, and leave reviews.
- Landlords can create and manage properties, review rental requests, and approve or reject them.
- Admins can manage users, view rental requests, and create categories.
- User authentication and profile management
- Property listing and management
- Category management
- Rental request workflow
- Stripe-based payment checkout
- Review creation after completed rentals
- Role-based authorization
- Node.js
- Express.js
- TypeScript
- Prisma ORM
- PostgreSQL
- JWT Authentication
- Stripe
- Vercel deployment
-
Clone the repository
git clone <repository-url> cd RentNest
-
Install dependencies
npm install
-
Create environment variables
cp .env.example .env
-
Update the .env file with your database and Stripe credentials.
-
Run Prisma migrations
npx prisma migrate dev
-
Start the development server
npm run dev
Can:
- Register and log in
- View own profile
- Update own profile
- Browse all properties
- View a property by ID
- Create a rental request
- View own rental requests
- View a specific rental request
- Pay for an approved rental request
- Create a review after a completed rental
Can:
- Register and log in
- View own profile
- Update own profile
- Create, update, and delete own properties
- View all properties
- View a property by ID
- View rental requests for their properties
- Approve or reject rental requests
Can:
- View all users
- Ban or unban users
- Delete users
- View all properties
- View all rental requests
- Create categories
All endpoints are prefixed with:
- Local: http://localhost:5000/api
- Production: https://rentnest-backend-server.vercel.app
- Method: POST
- URL: /api/auth/register
- Body:
{ "name": "Tanvir", "email": "tanvir@example.com", "password": "123456", "role": "TENANT", "activeStatus": "UNBANNED" } - Notes:
- Admin registration is not allowed.
- Role can be TENANT, LANDLORD, or ADMIN.
- Method: POST
- URL: /api/auth/login
- Body:
{ "email": "tanvir@example.com", "password": "123456" } - Notes:
- Returns an access token and user info.
- Token is usually sent as a Bearer token or stored in cookies.
- Method: GET
- URL: /api/auth/me
- Auth: Required for TENANT, LANDLORD, ADMIN
- Method: PUT
- URL: /api/auth/me
- Auth: Required for TENANT, LANDLORD, ADMIN
- Body example:
{ "name": "Updated Name", "phone": "01700000000", "profileImage": "https://example.com/avatar.png" }
- Method: GET
- URL: /api/properties
- Public
- Query params (optional):
- searchTerm
- page
- limit
- sortBy
- sortOrder
- Method: GET
- URL: /api/properties/:id
- Public
- Method: POST
- URL: /api/properties/properties
- Auth: LANDLORD only
- Body:
{ "title": "Luxury Apartment", "description": "Beautiful apartment near the city center", "price": 25000, "location": "Dhaka", "propertyType": "Apartment", "availabilityStatus": "AVAILABLE", "amenities": ["Wi-Fi", "Parking", "Lift"] }
- Method: PUT
- URL: /api/properties/properties/:id
- Auth: LANDLORD only
- Body example:
{ "price": 28000, "availabilityStatus": "BOOKED" }
- Method: DELETE
- URL: /api/properties/properties/:id
- Auth: LANDLORD only
- Method: GET
- URL: /api/categories
- Public
- Method: POST
- URL: /api/categories
- Auth: ADMIN only
- Body:
{ "name": "Luxury", "description": "High-end rental properties" }
- Method: POST
- URL: /api/rentals
- Auth: TENANT only
- Body:
{ "propertieId": "PROPERTY_ID_HERE" }
- Method: GET
- URL: /api/rentals
- Auth: TENANT or ADMIN
- Notes:
- Tenants see their own requests.
- Admins see all requests.
- Method: GET
- URL: /api/rentals/:requestId
- Auth: TENANT only
- Method: PATCH
- URL: /api/rentals/:requestId
- Auth: LANDLORD only
- Body:
{ "rentalStatus": "APPROVED" } - Allowed values:
- APPROVED
- REJECTED
- Method: GET
- URL: /api/landlord/requests
- Auth: LANDLORD only
- Method: PATCH
- URL: /api/landlord/requests/:id
- Auth: LANDLORD only
- Method: GET
- URL: /api/admin/users
- Auth: ADMIN only
- Method: PATCH
- URL: /api/admin/users/:id
- Auth: ADMIN only
- Body:
{ "activeStatus": "BANNED" }
- Method: DELETE
- URL: /api/admin/users/:id
- Auth: ADMIN only
- Method: GET
- URL: /api/admin/properties
- Auth: ADMIN only
- Method: GET
- URL: /api/admin/rentals
- Auth: ADMIN only
- Method: POST
- URL: /api/payments/create
- Auth: TENANT only
- Body:
{ "rentalRequestId": "RENTAL_REQUEST_ID_HERE" } - Notes:
- Only approved rental requests can be paid.
- Stripe webhook is also supported.
- Method: POST
- URL: /api/payments/webhook
- Notes:
- Used by Stripe to confirm payment events.
- Method: POST
- URL: /api/reviews
- Auth: TENANT only
- Body:
{ "propertyId": "PROPERTY_ID_HERE", "comment": "Great stay and smooth experience" } - Notes:
- Review can only be created after a completed rental request.
- Add a header:
- Key: Authorization
- Value: Bearer
- For login and registration, send JSON body.
- For protected routes, make sure the JWT token is included.
- For local testing, use:
- Base URL: http://localhost:5000/api
This project is deployed on Vercel.
vercel --prodhttps://rentnest-backend-server.vercel.app/
- The backend uses cookies for authentication in the browser flow.
- In Postman, you can also use the Authorization header if cookie-based auth is inconvenient.
- Make sure your Stripe webhook secret is configured correctly for payment events.