A robust Node.js backend API for a microtask marketplace where users can create tasks, complete tasks for rewards, and manage earnings through an integrated wallet system with admin moderation.
- Features
- Tech Stack
- Prerequisites
- Installation
- Environment Variables
- Database Setup
- Running the Application
- API Documentation
- Project Structure
- Testing with HTTPie
- Contributing
- License
- User registration with email verification (OTP)
- Secure login with JWT tokens
- Password reset via email
- Role-based access control (User/Admin)
- KYC level management
- Create tasks with escrow payment
- Admin approval workflow for tasks
- Task rejection with automatic refund
- Browse available approved tasks
- Submit proof of task completion
- Track task slots and deadlines
- Review and approve/reject task submissions
- Approve or reject task creation
- Manage all users, tasks, and submissions
- Handle withdrawal requests
- Resolve user appeals
- Complete admin dashboard data
- Integrated wallet system
- Escrow management for task payments
- Automatic crediting on task approval
- Withdrawal request system
- Transaction history tracking
- Refund on task rejection
- Submit task proofs (image/text)
- Appeal rejected submissions
- Manage bank account details
- View transaction history
- Track earnings and balance
- Runtime: Node.js (v18+)
- Framework: Express.js
- Database: PostgreSQL
- ORM: Prisma
- Authentication: JWT (jsonwebtoken)
- Password Hashing: bcrypt
- Email: Nodemailer
- Validation: Express Validator (optional)
- Environment: dotenv
Before you begin, ensure you have the following installed:
- Node.js (v18 or higher)
- PostgreSQL (v15 or higher)
- npm or yarn
- Git
- Clone the repository
git clone https://github.com/yourusername/microtask-platform-backend.git
cd microtask-platform-backend
- Install dependencies
npm install
- Set up environment variables
Create a .env file in the root directory:
cp .env.example .env
Create a .env file with the following variables:
# Database
DATABASE_URL="postgresql://username:password@localhost:5432/microtask_db?schema=public"
# JWT Secret
JWT_SECRET="your-super-secret-jwt-key-change-this-in-production"
# Server
PORT=3000
NODE_ENV=development
# Frontend URL (for password reset links)
FRONTEND_URL="http://localhost:5173"
# Email Configuration (using Gmail as example)
EMAIL_HOST="smtp.gmail.com"
EMAIL_PORT=587
EMAIL_USER="your-email@gmail.com"
EMAIL_PASSWORD="your-app-specific-password"
EMAIL_FROM="noreply@microtask.com"
- Enable 2-Factor Authentication on your Gmail account
- Generate an App Password
- Use the app password in EMAIL_PASSWORD
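A startup check for the variables above, so the sample values never reach a deployment. This is an added example, not part of the project's code; `checkEnv` and its messages are hypothetical names, and the 32-byte minimum assumes the secret is used with HS256, the jsonwebtoken default.

```javascript
// Sample values copied from the .env template above; none should survive setup.
const PLACEHOLDERS = {
  JWT_SECRET: "your-super-secret-jwt-key-change-this-in-production",
  EMAIL_PASSWORD: "your-app-specific-password",
};
const REQUIRED = ["DATABASE_URL", "JWT_SECRET", "FRONTEND_URL",
                  "EMAIL_HOST", "EMAIL_USER", "EMAIL_PASSWORD"];

// Returns a list of problems; an empty list means the configuration is usable.
function checkEnv(env) {
  const problems = [];
  for (const key of REQUIRED) {
    if (!env[key]) problems.push(`${key} is not set`);
  }
  for (const [key, sample] of Object.entries(PLACEHOLDERS)) {
    if (env[key] === sample) problems.push(`${key} still has the sample value`);
  }
  // Assumption: HS256 signing, where the key should be at least 256 bits.
  if (env.JWT_SECRET && Buffer.byteLength(env.JWT_SECRET) < 32) {
    problems.push("JWT_SECRET is shorter than 32 bytes");
  }
  if (env.DATABASE_URL) {
    try {
      const db = new URL(env.DATABASE_URL);
      if (db.username === "username" || db.password === "password") {
        problems.push("DATABASE_URL still has the sample credentials");
      }
    } catch {
      problems.push("DATABASE_URL is not a valid URL");
    }
  }
  // Password reset links carry the reset token, so production links must use TLS.
  if (env.NODE_ENV === "production" && env.FRONTEND_URL &&
      !env.FRONTEND_URL.startsWith("https://")) {
    problems.push("FRONTEND_URL is not https in production");
  }
  return problems;
}

// At startup: const problems = checkEnv(process.env);
// if (problems.length) { console.error(problems.join("\n")); process.exit(1); }
```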
- Create PostgreSQL database
createdb microtask_db
- Run Prisma migrations
npx prisma migrate dev --name initial_setup
- Generate Prisma Client
npx prisma generate
- Seed database (optional)
npm run seed
- View database with Prisma Studio
npx prisma studio

npm run dev
npm start
The server will start on http://localhost:3000
http://localhost:3000/api
POST /auth/register
Content-Type: application/json
{
"name": "John Doe",
"email": "john@example.com",
"password": "password123",
"phone": "1234567890"
}

POST /auth/verify-email
Content-Type: application/json
{
"userId": 1,
"otp": "123456"
}

POST /auth/login
Content-Type: application/json
{
"email": "john@example.com",
"password": "password123"
}

POST /auth/forgot-password
Content-Type: application/json
{
"email": "john@example.com"
}

POST /auth/reset-password/:token
Content-Type: application/json
{
"password": "newPassword123"
}

POST /tasks/create
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json
{
"title": "Follow us on Instagram",
"description": "Follow our Instagram account and take a screenshot",
"reward": 50,
"totalSlots": 100,
"proofType": "image",
"escrowAmount": 5000,
"deadline": "2024-12-31T23:59:59.000Z"
}

GET /tasks/available
Authorization: Bearer YOUR_JWT_TOKEN

GET /tasks/my-tasks
Authorization: Bearer YOUR_JWT_TOKEN

GET /tasks/:id
Authorization: Bearer YOUR_JWT_TOKEN

POST /tasks/:id/submit
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json
{
"proofImage": "https://example.com/screenshot.jpg",
"proofText": "Completed the task as requested"
}

GET /admin/tasks
Authorization: Bearer ADMIN_JWT_TOKEN

PUT /admin/tasks/:id/approve
Authorization: Bearer ADMIN_JWT_TOKEN

PUT /admin/tasks/:id/reject
Authorization: Bearer ADMIN_JWT_TOKEN
Content-Type: application/json
{
"reason": "Task description is not clear"
}

GET /admin/submissions
Authorization: Bearer ADMIN_JWT_TOKEN

PUT /admin/submissions/:id/approve
Authorization: Bearer ADMIN_JWT_TOKEN

PUT /admin/submissions/:id/reject
Authorization: Bearer ADMIN_JWT_TOKEN

GET /admin/appeals
Authorization: Bearer ADMIN_JWT_TOKEN

PUT /admin/appeals/:id/resolve
Authorization: Bearer ADMIN_JWT_TOKEN
Content-Type: application/json
{
"action": "approve",
"adminMessage": "Appeal approved after review"
}

GET /user/profile
Authorization: Bearer YOUR_JWT_TOKEN

POST /user/bank-details
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json
{
"bankName": "First Bank",
"accountNumber": "1234567890",
"accountHolder": "John Doe",
"isPrimary": true
}

POST /user/withdraw
Authorization: Bearer YOUR_JWT_TOKEN
Content-Type: application/json
{
"amount": 1000,
"bankDetailsId": 1
}

microtask-platform-backend/
├── prisma/
│   ├── schema.prisma          # Database schema
│   └── migrations/            # Database migrations
├── src/
│   ├── controllers/
│   │   ├── authController.js  # Authentication logic
│   │   ├── taskController.js  # Task management
│   │   ├── adminController.js # Admin operations
│   │   └── userController.js  # User operations
│   ├── middleware/
│   │   ├── auth.js            # JWT authentication
│   │   └── upload.js          # File upload (optional)
│   ├── routes/
│   │   ├── authRoutes.js      # Auth endpoints
│   │   ├── taskRoutes.js      # Task endpoints
│   │   ├── adminRoutes.js     # Admin endpoints
│   │   └── userRoutes.js      # User endpoints
│   ├── utils/
│   │   ├── sendEmail.js       # Email service
│   │   └── jwt.js             # JWT utilities
│   └── server.js              # Express app setup
├── .env                       # Environment variables
├── .env.example               # Environment template
├── .gitignore                 # Git ignore rules
├── package.json               # Dependencies
└── README.md                  # Documentation
# macOS
brew install httpie
# Linux/WSL
sudo apt install httpie
# Python pip
pip install httpie

# 1. Register a user
http POST http://localhost:3000/api/auth/register \
name="Test User" \
email="test@example.com" \
password="password123" \
phone="1234567890"
# 2. Verify email (check your email for OTP)
http POST http://localhost:3000/api/auth/verify-email \
userId:=1 \
otp="123456"
# 3. Login and save token
http POST http://localhost:3000/api/auth/login \
email="test@example.com" \
password="password123"
# Save the token
export TOKEN="your_jwt_token_here"
# 4. Create a task
http POST http://localhost:3000/api/tasks/create \
Authorization:"Bearer $TOKEN" \
title="Instagram Follow Task" \
description="Follow our account" \
reward:=50 \
totalSlots:=10 \
proofType="image" \
escrowAmount:=500
# 5. Check available tasks (before admin approval - should be empty)
http GET http://localhost:3000/api/tasks/available \
Authorization:"Bearer $TOKEN"
# 6. Login as admin and approve task
# First, update user role in database:
# UPDATE "User" SET role = 'ADMIN' WHERE email = 'admin@example.com';
export ADMIN_TOKEN="admin_jwt_token_here"
http PUT http://localhost:3000/api/admin/tasks/1/approve \
Authorization:"Bearer $ADMIN_TOKEN"
# 7. Now check available tasks again (should show the approved task)
http GET http://localhost:3000/api/tasks/available \
Authorization:"Bearer $TOKEN"

- ✅ Passwords are hashed with bcrypt (salt rounds: 10)
- ✅ JWT tokens for stateless authentication
- ✅ Email verification before account activation
- ✅ OTP expiry (10 minutes)
- ✅ Password reset token expiry (15 minutes)
- ✅ Role-based access control
- ✅ SQL injection prevention via Prisma ORM
- ✅ Environment variables for sensitive data
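One way to enforce the OTP and reset-token expiries listed above, as an added example that is not the project's own code. The function names, the in-memory record shape and the five-attempt limit are assumptions; only the 10-minute and 15-minute lifetimes come from this page.

```javascript
const nodeCrypto = require("crypto");

const OTP_TTL_MS = 10 * 60 * 1000;   // OTP expiry stated in the list above
const RESET_TTL_MS = 15 * 60 * 1000; // reset-token expiry stated in the list above
const MAX_OTP_ATTEMPTS = 5;          // assumption: the page sets no attempt limit

const digest = (value) =>
  nodeCrypto.createHash("sha256").update(String(value)).digest();

// Build the row to persist. Only the hash is stored; the plaintext goes out by email.
function makeRecord(secret, ttlMs, now) {
  return { hash: digest(secret), expiresAt: now + ttlMs, attempts: 0, used: false };
}

function issueOtp(now = Date.now()) {
  // randomInt draws from a CSPRNG; Math.random() is predictable and unsuitable here.
  const otp = nodeCrypto.randomInt(0, 1000000).toString().padStart(6, "0");
  return { otp, record: makeRecord(otp, OTP_TTL_MS, now) };
}

function issueResetToken(now = Date.now()) {
  const token = nodeCrypto.randomBytes(32).toString("hex"); // 256 bits, URL-safe
  return { token, record: makeRecord(token, RESET_TTL_MS, now) };
}

// Returns "ok", "expired", "locked" or "invalid"; mutates the record as a DB update would.
function verifySecret(record, candidate, now = Date.now(), maxAttempts = Infinity) {
  if (!record || record.used) return "invalid";
  if (now > record.expiresAt) return "expired";
  if (record.attempts >= maxAttempts) return "locked";
  record.attempts += 1; // count first, so a failed guess always costs an attempt
  if (!nodeCrypto.timingSafeEqual(record.hash, digest(candidate))) return "invalid";
  record.used = true; // single use: a replayed OTP or reset link is rejected
  return "ok";
}
```

The attempt limit matters for the OTP in particular: a six-digit code has only one million values, so expiry alone does not stop guessing within the 10-minute window.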
User Creates Task → Task Status: "pending"
        ↓
Admin Reviews Task
        ↓
[Approve]              [Reject]
    ↓                      ↓
Status: "approved"     Status: "rejected"
    ↓                  Escrow refunded to user
Task visible to workers
    ↓
Workers submit proofs
    ↓
Admin reviews submissions
    ↓
[Approve]              [Reject]
    ↓                      ↓
User gets paid         User can appeal
Wallet credited
- User: Authentication, profile, wallet balance
- Task: Task details, escrow, slots, status
- Submission: Proof submissions, review status
- Transaction: Wallet transaction history
- Withdrawal: Withdrawal requests
- Appeal: Submission appeal system
- BankDetail: User bank account information
Contributions are welcome! Please follow these steps:
- Fork the repository
- Create a feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Your Name - Initial work - YourGitHub
- Express.js community
- Prisma ORM team
- Node.js community
- All contributors
For support, email support@microtask.com or open an issue in the repository.
- Add file upload for proof images
- Implement real-time notifications
- Add payment gateway integration
- Create admin dashboard UI
- Add task categories and tags
- Implement user rating system
- Add multi-language support
- Create mobile app API extensions
Made with ❤️ by ELsuraj