# TaskMaster Pro - Backend API

A robust Node.js/Express backend API for TaskMaster Pro, featuring user authentication, task management, and PostgreSQL database integration.

## 🚀 Features

- **User Authentication**: JWT-based authentication with bcrypt password hashing
- **Task Management**: Full CRUD operations for tasks with filtering and sorting
- **Database**: PostgreSQL with optimized queries and indexes
- **Security**: Helmet.js, CORS, input validation, and SQL injection prevention
- **API Documentation**: RESTful endpoints with comprehensive error handling

## 🛠️ Tech Stack

- **Runtime**: Node.js
- **Framework**: Express.js
- **Database**: PostgreSQL
- **Authentication**: JWT (JSON Web Tokens)
- **Password Hashing**: bcryptjs
- **Validation**: express-validator
- **Security**: Helmet.js, CORS
- **Logging**: Morgan

## 📋 Prerequisites

- Node.js (v16 or higher)
- PostgreSQL (v12 or higher)
- npm or yarn

## 🗄️ Database Setup

**Install PostgreSQL** (if not already installed):

```bash
# macOS (Homebrew)
brew install postgresql
brew services start postgresql

# Debian/Ubuntu
sudo apt-get install postgresql postgresql-contrib
sudo systemctl start postgresql
```

**Create Database**:

```bash
psql -U postgres
# then, at the psql prompt:
CREATE DATABASE taskmaster_pro;
\q
```

**Run Schema**:

```bash
psql -U postgres -d taskmaster_pro -f ./config/database.sql
```

## ⚙️ Installation

**Clone and navigate to backend**:

```bash
cd backend
```

**Install dependencies**:

```bash
npm install
```

**Environment Configuration**: Create a `.env` file in the backend root:

```env
PORT=3000
NODE_ENV=development

DB_HOST=localhost
DB_PORT=5432
DB_NAME=taskmaster_pro
DB_USER=postgres
DB_PASSWORD=your_password_here

JWT_SECRET=your-super-secret-jwt-key-change-this-in-production
JWT_EXPIRES_IN=7d

CORS_ORIGIN=http://localhost:5173
```

**Start the server**:

```bash
# Development
npm run dev

# Production
npm start
```

## 📚 API Documentation

### Authentication Endpoints

#### POST /api/auth/register

Register a new user.

Request Body:

```json
{
  "name": "John Doe",
  "email": "john@example.com",
  "password": "password123"
}
```

Response:

```json
{
  "message": "User registered successfully",
  "token": "jwt_token_here",
  "user": {
    "id": 1,
    "name": "John Doe",
    "email": "john@example.com",
    "createdAt": "2024-01-01T00:00:00.000Z"
  }
}
```

#### POST /api/auth/login

Login user.

Request Body:

```json
{
  "email": "john@example.com",
  "password": "password123"
}
```

Response:

```json
{
  "message": "Login successful",
  "token": "jwt_token_here",
  "user": {
    "id": 1,
    "name": "John Doe",
    "email": "john@example.com",
    "createdAt": "2024-01-01T00:00:00.000Z"
  }
}
```

#### GET /api/auth/me

Get current user (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Response:

```json
{
  "user": {
    "id": 1,
    "name": "John Doe",
    "email": "john@example.com",
    "createdAt": "2024-01-01T00:00:00.000Z"
  }
}
```

#### PUT /api/auth/profile

Update user profile (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Request Body:

```json
{
  "name": "John Smith",
  "email": "johnsmith@example.com"
}
```

#### PUT /api/auth/password

Change user password (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Request Body:

```json
{
  "currentPassword": "oldpassword",
  "newPassword": "newpassword123"
}
```

### Task Endpoints

#### GET /api/tasks

Get all tasks for the authenticated user.

Headers:

```
Authorization: Bearer <jwt_token>
```

Query Parameters:

- `status` (optional): Filter by status (`todo`, `in-progress`, `completed`)
- `tag` (optional): Filter by tag
- `search` (optional): Search in title and description
- `sortBy` (optional): Sort by (`created_at`, `due_date`, `priority`)
- `order` (optional): Sort order (`asc`, `desc`)

Response:

```json
{
  "tasks": [
    {
      "id": 1,
      "user_id": 1,
      "title": "Complete project",
      "description": "Finish the TaskMaster Pro project",
      "status": "in-progress",
      "priority": "high",
      "due_date": "2024-01-15",
      "tags": ["work", "urgent"],
      "created_at": "2024-01-01T00:00:00.000Z",
      "updated_at": "2024-01-01T00:00:00.000Z"
    }
  ]
}
```

#### POST /api/tasks

Create a new task (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Request Body:

```json
{
  "title": "New Task",
  "description": "Task description",
  "status": "todo",
  "priority": "medium",
  "dueDate": "2024-01-15",
  "tags": ["work", "project"]
}
```

#### GET /api/tasks/:id

Get a specific task (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

#### PUT /api/tasks/:id

Update a task (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Request Body:

```json
{
  "title": "Updated Task",
  "description": "Updated description",
  "status": "completed",
  "priority": "low",
  "dueDate": "2024-01-20",
  "tags": ["completed", "work"]
}
```

#### PATCH /api/tasks/:id

Partially update a task (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

Request Body:

```json
{
  "status": "completed"
}
```

#### DELETE /api/tasks/:id

Delete a task (requires authentication).

Headers:

```
Authorization: Bearer <jwt_token>
```

### Health Check

#### GET /api/health

Check API status.

Response:

```json
{
  "status": "ok",
  "message": "TaskMaster Pro API is running"
}
```

## 🔒 Security Features

- **Password Hashing**: All passwords are hashed using bcryptjs
- **JWT Authentication**: Secure token-based authentication
- **Input Validation**: All inputs are validated using express-validator
- **SQL Injection Prevention**: Parameterized queries
- **CORS Protection**: Configurable CORS settings
- **Helmet.js**: Security headers
- **Rate Limiting**: Built-in protection against abuse

## 📁 Project Structure

```
backend/
├── config/
│   ├── database.js      # PostgreSQL connection pool
│   └── database.sql     # Database schema and migrations
├── middleware/
│   ├── auth.js          # JWT authentication middleware
│   └── validation.js    # Request validation middleware
├── routes/
│   ├── auth.js          # Authentication routes
│   └── tasks.js         # Task management routes
├── server.js            # Main application entry point
├── package.json         # Dependencies and scripts
├── .env                 # Environment variables (create this)
└── README.md            # This file
```

## 🚀 Deployment

### Environment Variables for Production

```env
NODE_ENV=production
PORT=3000
DB_HOST=your-production-db-host
DB_PORT=5432
DB_NAME=taskmaster_pro
DB_USER=your-db-user
DB_PASSWORD=your-secure-db-password
JWT_SECRET=your-very-secure-jwt-secret
JWT_EXPIRES_IN=7d
CORS_ORIGIN=https://your-frontend-domain.com
```

### Deployment Steps

1. Set up production database
2. Configure environment variables
3. Install dependencies: `npm install --production`
4. Start the server: `npm start`

### Using PM2 (Recommended)

```bash
npm install -g pm2
pm2 start server.js --name "taskmaster-pro-api"
pm2 save
pm2 startup
```

## 🧪 Testing

Run the health check to verify the API is working:

```bash
curl http://localhost:3000/api/health
```

Expected response:

```json
{
  "status": "ok",
  "message": "TaskMaster Pro API is running"
}
```

## 🔧 Troubleshooting

### Common Issues

**Database Connection Error**

- Verify PostgreSQL is running
- Check database credentials in `.env`
- Ensure database exists

**CORS Errors**

- Verify `CORS_ORIGIN` in `.env` matches your frontend URL
- Check that the frontend is making requests to the correct API URL

**JWT Token Issues**

- Ensure `JWT_SECRET` is set in `.env`
- Check token expiration settings

**Port Already in Use**

- Change `PORT` in `.env` or kill the process using the port

### Logs

The server uses Morgan for HTTP request logging. Check the console output for:

- Request/response logs
- Database connection status
- Error messages

## 📝 License

This project is licensed under the MIT License.

## 🤝 Contributing

1. Fork the repository
2. Create a feature branch
3. Make your changes
4. Test thoroughly
5. Submit a pull request

## 📞 Support

For support and questions:

- Open an issue in the repository
- Check the troubleshooting section above
- Review the API documentation
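
The `sortBy` and `order` parameters of `GET /api/tasks` name a column and a keyword, which a parameterized query cannot bind as values, so they need an allow-list on top of the placeholders used for the filters. The query builder below is an added example, not code from this repository; the `tasks` table name, the `tags` array column type and the `buildTaskQuery` helper are assumptions.

```javascript
// Allow-lists taken from the query parameters documented for GET /api/tasks.
const SORT_COLUMNS = new Set(['created_at', 'due_date', 'priority']);
const STATUSES = new Set(['todo', 'in-progress', 'completed']);

// Build { text, values } using node-postgres style placeholders ($1, $2, ...).
// Column names follow the task object in the response sample; the table name
// "tasks" and the array type of "tags" are assumptions of this example.
function buildTaskQuery(userId, q = {}) {
  const values = [userId];
  const where = ['user_id = $1']; // always scope rows to the token's user
  // push() returns the new array length, which is the placeholder index.
  const bind = (v) => `$${values.push(v)}`;

  // typeof checks also reject arrays produced by repeated query keys.
  if (typeof q.status === 'string') {
    if (!STATUSES.has(q.status)) throw new RangeError('invalid status');
    where.push(`status = ${bind(q.status)}`);
  }
  if (typeof q.tag === 'string') where.push(`${bind(q.tag)} = ANY(tags)`);
  if (typeof q.search === 'string' && q.search !== '') {
    // Escape LIKE wildcards so the search text matches literally.
    const p = bind(`%${q.search.replace(/[\\%_]/g, '\\$&')}%`);
    where.push(`(title ILIKE ${p} OR description ILIKE ${p})`);
  }

  // Identifiers and keywords cannot be bound: map them through an allow-list
  // and fall back to a default instead of concatenating request input.
  const sortBy = SORT_COLUMNS.has(q.sortBy) ? q.sortBy : 'created_at';
  const order = String(q.order).toLowerCase() === 'asc' ? 'ASC' : 'DESC';

  return {
    text: `SELECT * FROM tasks WHERE ${where.join(' AND ')} ORDER BY ${sortBy} ${order}`,
    values,
  };
}
```

The returned object can be passed directly to a node-postgres `pool.query(...)` call.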