This guide explains how to run the SecureShift project locally using Docker and Docker Compose. The project includes:
- Backend (Node.js + Express)
- Frontend (React - Employer Panel)
- Database (MongoDB)
- docker-compose.yml
- app-backend/
- Dockerfile
- .env (Do not push to GitHub)
- src/
- app-frontend/
- employer-panel/
- Dockerfile
- src/
Make sure you have the following installed:
- Docker
- Docker Compose
Create a .env file inside app-backend/ with the following content:
MONGO_URI=mongodb://<username>:<password>@mongodb:27017/<database>?authSource=admin
PORT=5000
JWT_SECRET=<your-secret-key>Then, update the corresponding MongoDB credentials in your docker-compose.yml file:
yaml
Copy code
environment:
MONGO_INITDB_ROOT_USERNAME: <username>
MONGO_INITDB_ROOT_PASSWORD: <password>
MONGO_INITDB_DATABASE: <database>
Do not commit the .env file to GitHub.
To build and start all containers (backend, frontend, and MongoDB), run the following command from the root directory:
bash Copy code docker compose up --build -d
--build: Rebuilds the containers if needed
-d: Runs the containers in detached mode (in the background)
Once Docker is running:
- Backend: http://localhost:5000
- Swagger Docs: http://localhost:5000/api-docs
- Frontend (Employer Panel): http://localhost:3000
- MongoDB: Available at localhost:27017 (use tools like MongoDB Compass)
To stop and remove all running containers:
docker compose down -v
-v: Also removes volumes-v: Also removes volumes.
- Ensure the PORT in .env matches the exposed port in docker-compose.yml.
- Use consistent credentials in both .env and docker-compose.yml.
- The frontend uses npm start inside the container. Make sure your package.json has the correct start script.
- Fork the repository
- Clone your fork locally
- Create a new branch for your feature or bugfix
- Run the project using Docker (see above)
-
Use feature branches (/feature/) or fix branches (/fix/)
-
Commit messages should be clear and descriptive
-
Open a Pull Request into main when work is ready
- Follow existing formatting in backend (Node.js/Express) and frontend (React)
- Write concise, meaningful commit messages
- Run linting and tests before committing, if available
- Use GitHub Issues for tracking bugs and feature requests
- Use Pull Requests for code reviews and discussions
- Add descriptions into GitHub when merge request is submitted (Include images where possible)
- Users log in with email + password at
/api/v1/auth/login. - A one-time password (OTP) is emailed to the user.
- OTP is verified at
/api/v1/auth/verify-otp. - success, a JWT token (1 hour expiry) is returned.
- Token must be sent in request headers:
Authorization: Bearer <token> - Only short-lived access tokens are used (no refresh tokens).
POST /register – Register Employer/Admin POST /register/guard – Register Guard (license upload) POST /login – Login with email/password POST /verify-otp – Verify OTP, receive JWT token POST /eoi – Submit Expression of Interest
GET /me – Get logged-in user profile PUT /me – Update logged-in user profile GET /{id} – Admin: get user by ID PUT /{id} – Admin: update user by ID GET /guards – Admin/Employer: list all guards
GET / – List shifts (role-specific) POST / – Create shift (Employer) PUT /{id}/apply – Apply for a shift (Guard) PUT /{id}/approve – Approve guard (Employer/Admin) PUT /{id}/complete – Mark shift complete GET /myshifts – Get logged-in user’s shifts PATCH /{id}/rate – Submit rating (Employer/Guard) GET /history – Get past completed shifts
POST / – Create or update availability GET /{userId} – Get availability for a user
POST / – Send a message GET /inbox – Get inbox messages GET /sent – Get sent messages GET /conversation/{userId} – Get conversation with a user PATCH /{messageId}/read – Mark message as read GET /stats – Get message statistics