Orders API
Base path: /api/orders
File: ayts-api/src/routes/orders-simple.ts
Auth required: Yes
POST /api/orders
Create a new order. All items must be from the same store (or multi-store is split into separate orders internally).
Request:
{
"storeId": "uuid",
"items": [
{ "productId": "uuid", "quantity": 2, "price": 285.00 },
{ "productId": "uuid", "quantity": 1, "price": 150.00 }
],
"deliveryAddress": "123 Rizal St, Lahug, Cebu City",
"paymentMethod": "cash_on_delivery",
"notes": "Please call before delivery"
}
Response 201:
{
"success": true,
"order": {
"id": "uuid",
"orderNumber": "AYTS-20260506-1234",
"status": "pending",
"totalAmount": 720.00,
"items": [...],
"createdAt": "2026-05-06T12:00:00Z"
}
}
GET /api/orders
Get orders for the authenticated user (customer sees own orders, admin sees all).
Query params: status, storeId, limit, offset
GET /api/orders/:id
Get a single order with full details.
GET /api/orders/:id/stream
Real-time SSE stream for order status updates.
const es = new EventSource(`/api/orders/${orderId}/stream`, { withCredentials: true });
es.onmessage = ({ data }) => {
const { status, updatedAt } = JSON.parse(data);
// update UI
};
PATCH /api/orders/:id/status
Update order status. Requires vendor (own orders) or admin.
{
"status": "preparing" | "ready" | "out_for_delivery" | "delivered" | "cancelled"
}
PATCH /api/orders/:id/assign-rider
Assign a rider to an order. Requires admin.
{ "riderId": "uuid" }
Order Number Format
All orders get a human-readable order number:
AYTS-{YYYYMMDD}-{4-digit random}
Example: AYTS-20260506-4976
Order Statuses
| Status | Who sets it | Trigger |
|---|---|---|
pending | System | Order created |
confirmed | System / Admin | COD auto-confirm; payment paid |
preparing | Vendor | Vendor marks preparing |
ready | Vendor | Ready for pickup |
out_for_delivery | Rider | Rider picked up |
delivered | Rider | Delivery confirmed |
cancelled | Admin / Customer | Cancellation |
refunded | Admin | After refund processed |