Skip to content

Sumit-Si/devBoard

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

7 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

πŸš€ DevBoard - Task Management System

A robust REST API for managing projects and tasks with user authentication, API key management, and file uploads. Built with Node.js, Express, Prisma, and PostgreSQL.

✨ Features

  • User Authentication & Authorization - JWT-based authentication with refresh tokens
  • Project Management - Create, read, update, and delete projects
  • Task Management - Comprehensive task handling with status tracking and priority levels
  • Collaborators & Roles - Add project collaborators with role-based permissions (OWNER/EDITOR/VIEWER)
  • API Key Management - Secure API access with key-based authentication
  • File Uploads - Support for task attachments using Cloudinary
  • Rate Limiting - Built-in protection against abuse
  • Database - PostgreSQL with Prisma ORM for type-safe database operations
  • Validation - Request validation using express-validator

πŸ—οΈ Architecture

devBoard/
β”œβ”€β”€ src/
β”‚   β”œβ”€β”€ controllers/     # Business logic handlers
β”‚   β”œβ”€β”€ middlewares/     # Authentication, validation, file upload
β”‚   β”œβ”€β”€ routers/         # API route definitions
β”‚   β”œβ”€β”€ utils/           # Helper functions (hashing, tokens, cloudinary)
β”‚   β”œβ”€β”€ validator/       # Request validation schemas
β”‚   β”œβ”€β”€ libs/           # Database connection
β”‚   └── app.js          # Express app configuration
β”œβ”€β”€ prisma/             # Database schema and migrations
└── public/             # Static files and uploads

πŸš€ Quick Start

Prerequisites

  • Node.js (v18 or higher)
  • PostgreSQL database
  • Cloudinary account (for file uploads)

Installation

  1. Clone the repository

    git clone <repository-url>
    cd devBoard
  2. Install dependencies

    npm install
  3. Environment Setup Create a .env file in the root directory:

    PORT=8080
    DATABASE_URL="postgresql://<username>:<password>@localhost:<PORT>/<DB_NAME>"
    JWT_SECRET="your-jwt-secret-key"
    JWT_REFRESH_SECRET="your-refresh-secret-key"
    CLOUDINARY_CLOUD_NAME="your-cloud-name"
    CLOUDINARY_API_KEY="your-api-key"
    CLOUDINARY_API_SECRET="your-api-secret"
  4. Database Setup

    # Generate Prisma client
    npx prisma generate
    
    # Run database migrations
    npx prisma migrate dev
  5. Start the server

    npm run dev

The server will start at http://localhost:8080

πŸ“š API Documentation

Base URL

http://localhost:8080/api/v1

Authentication

Register User

POST /auth/register
Content-Type: multipart/form-data

{
  "name": "John Doe",
  "email": "john@example.com",
  "password": "securepassword123",
  "image": [file] // optional profile image
}

Response:

{
  "success": true,
  "message": "User registered successfully",
  "data": {
    "user": {
      "id": "uuid",
      "name": "John Doe",
      "email": "john@example.com",
      "image": "cloudinary-url",
      "createdAt": "2024-01-01T00:00:00.000Z"
    }
  }
}

Login User

POST /auth/login
Content-Type: application/json

{
  "email": "john@example.com",
  "password": "securepassword123"
}

Response:

{
  "success": true,
  "message": "Login successful",
  "data": {
    "user": {
      "id": "uuid",
      "name": "John Doe",
      "email": "john@example.com"
    },
    "accessToken": "jwt-token",
    "refreshToken": "refresh-token"
  }
}

Generate API Key

POST /auth/api-key
Authorization: Bearer <access-token>

Response:

{
  "success": true,
  "message": "API key generated successfully",
  "data": {
    "apiKey": "generated-api-key-string"
  }
}

Projects

Create Project

POST /projects
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: application/json

{
  "name": "E-commerce Website",
  "description": "A modern e-commerce platform with React frontend and Node.js backend"
}

Response:

{
  "success": true,
  "message": "Project created successfully",
  "data": {
    "project": {
      "id": "uuid",
      "name": "E-commerce Website",
      "description": "A modern e-commerce platform with React frontend and Node.js backend",
      "createdBy": "user-uuid",
      "createdAt": "2024-01-01T00:00:00.000Z",
      "updatedAt": "2024-01-01T00:00:00.000Z"
    }
  }
}

Get All Projects

GET /projects
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Get Project by ID

GET /projects/:id
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Update Project

PUT /projects/:id
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: application/json

{
  "name": "Updated E-commerce Website",
  "description": "Enhanced e-commerce platform with new features"
}

Delete Project

DELETE /projects/:id
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Collaborators

List Collaborators for a Project

GET /projects/:projectId/collaborators
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Add Collaborator to a Project (OWNER)

POST /projects/:projectId/collaborators
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: application/json

{
  "userId": "user-uuid",
  "role": "VIEWER" // VIEWER | EDITOR | OWNER
}

Update Collaborator Role (OWNER)

PUT /projects/:projectId/collaborators/:collaboratorId
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: application/json

{
  "role": "EDITOR" // VIEWER | EDITOR | OWNER
}

Remove Collaborator (OWNER)

DELETE /projects/:projectId/collaborators/:collaboratorId
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Tasks

Create Task

POST /projects/:projectId/tasks
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: multipart/form-data

{
  "title": "Design User Interface",
  "description": "Create wireframes and mockups for the main pages",
  "assignedTo": "user-uuid",
  "priority": "HIGH",
  "dueAt": "2024-02-01T00:00:00.000Z",
  "attachments": [file1, file2] // optional, max 3 files
}

Response:

{
  "success": true,
  "message": "Task created successfully",
  "data": {
    "task": {
      "id": "uuid",
      "title": "Design User Interface",
      "description": "Create wireframes and mockups for the main pages",
      "projectId": "project-uuid",
      "assignedTo": "user-uuid",
      "assignedBy": "current-user-uuid",
      "status": "TODO",
      "priority": "HIGH",
      "attachments": ["cloudinary-url1", "cloudinary-url2"],
      "dueAt": "2024-02-01T00:00:00.000Z",
      "createdAt": "2024-01-01T00:00:00.000Z"
    }
  }
}

Get Tasks for Project

GET /projects/:projectId/tasks
Authorization: Bearer <access-token>
X-API-Key: <api-key>

Update Task

PUT /tasks/:id
Authorization: Bearer <access-token>
X-API-Key: <api-key>
Content-Type: application/json

{
  "title": "Updated Task Title",
  "status": "INPROGRESS",
  "priority": "MEDIUM",
  "description": "Updated task description"
}

Delete Task

DELETE /tasks/:id
Authorization: Bearer <access-token>
X-API-Key: <api-key>

πŸ” Authentication & Authorization

JWT Tokens

  • Access Token: Short-lived token for API requests
  • Refresh Token: Long-lived token for getting new access tokens
  • API Key: Additional security layer for sensitive operations

Required Headers

Authorization: Bearer <access-token>
X-API-Key: <api-key>

πŸ“Š Data Models

User

  • id: Unique identifier (UUID)
  • name: User's full name
  • email: Unique email address
  • image: Profile image URL (optional)
  • password: Hashed password
  • refreshToken: JWT refresh token
  • createdAt, updatedAt: Timestamps

Project

  • id: Unique identifier (UUID)
  • name: Project name
  • description: Project description (optional)
  • createdBy: User ID who created the project
  • createdAt, updatedAt, deletedAt: Timestamps

Task

  • id: Unique identifier (UUID)
  • title: Task title
  • description: Task description (optional)
  • projectId: Associated project ID
  • assignedTo: User ID assigned to the task
  • assignedBy: User ID who assigned the task
  • status: TODO, INPROGRESS, or DONE
  • priority: EASY, MEDIUM, or HIGH
  • attachments: Array of file URLs
  • dueAt: Task due date (optional)
  • completedAt: Task completion date (optional)
  • createdAt, updatedAt, deletedAt: Timestamps

ApiKey

  • id: Unique identifier (UUID)
  • key: Generated API key string
  • createdBy: User ID who created the key
  • status: ACTIVE or INACTIVE
  • expiresAt: Key expiration date (optional)
  • createdAt, updatedAt: Timestamps

Collaborator

  • id: Unique identifier (UUID)
  • userId: Collaborator user's ID
  • projectId: Associated project ID
  • role: VIEWER, EDITOR, OWNER
  • createdAt, updatedAt, deletedAt: Timestamps

πŸ› οΈ Development

Available Scripts

npm run dev          # Start development server with nodemon

Database Migrations

npx prisma migrate dev    # Create and apply new migration
npx prisma generate      # Generate Prisma client
npx prisma studio        # Open Prisma Studio for database management

Environment Variables

  • PORT: Server port (default: 8080)
  • DATABASE_URL: PostgreSQL connection string
  • JWT_SECRET: Secret for JWT access tokens
  • JWT_REFRESH_SECRET: Secret for JWT refresh tokens
  • CLOUDINARY_CLOUD_NAME: Cloudinary cloud name
  • CLOUDINARY_API_KEY: Cloudinary API key
  • CLOUDINARY_API_SECRET: Cloudinary API secret

πŸ”’ Security Features

  • Password Hashing: Bcrypt for secure password storage
  • JWT Authentication: Secure token-based authentication
  • API Key Validation: Additional security layer for sensitive operations
  • Rate Limiting: Protection against API abuse
  • Input Validation: Request data validation using express-validator
  • File Upload Security: Secure file handling with Multer and Cloudinary

πŸ“ Error Handling

The API returns consistent error responses:

{
  "success": false,
  "message": "Error description",
  "error": "Detailed error information"
}

Common HTTP status codes:

  • 200: Success
  • 201: Created
  • 400: Bad Request (validation errors)
  • 401: Unauthorized (authentication required)
  • 403: Forbidden (insufficient permissions)
  • 404: Not Found
  • 500: Internal Server Error

πŸ“„ License

This project is licensed under the ISC License.


Made by ❀️ Sumit Tomar

About

A robust REST API for managing projects and tasks with user authentication, API key management, and file uploads. Built with Node.js, Express, Prisma, and PostgreSQL.

Topics

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors