This is a task management API that allows users to register, log in, create, update, and delete tasks. The API uses MongoDB for data storage and JWT authentication for security. It also includes rate limiting and logging for better performance and monitoring.
- ✅ User Authentication (Register, Login, Password Reset)
- ✅ Task Management (Create, Read, Update, Delete)
- ✅ Role-Based Access (Admin vs Regular Users)
- ✅ Secure API (JWT Authentication)
- ✅ Rate Limiting (Prevents API abuse)
- ✅ Logging System (Tracks API activity & errors)
- ✅ Optimized Database Queries (MongoDB Indexes for Speed)
```
git clone https://github.com/yourusername/task-api.git
cd task-api
npm install
```

Create a .env file in the root folder and add:

```
PORT=5000
MONGO_URL=your_mongodb_connection_string
DB_NAME=your_database_name
JWT_SECRET=your_secret_key
EMAIL_USER=your_email@gmail.com
EMAIL_PASS=your_email_password
```

```
npm run dev
```

Server will start at: http://localhost:5000

| Method | Endpoint | Description | Auth Required? |
|---|---|---|---|
| POST | `/auth/register` | Register a new user | ❌ No |
| POST | `/auth/login` | Log in & get JWT token | ❌ No |
| POST | `/auth/request-reset` | Request password reset email | ❌ No |
| POST | `/auth/reset-password?token=your_token` | Reset password | ❌ No |

| Method | Endpoint | Description | Auth Required? |
|---|---|---|---|
| GET | `/tasks` | Get all tasks (Admins: all, Users: their own) | ✅ Yes |
| POST | `/tasks` | Create a new task | ✅ Yes |
| PATCH | `/tasks/{task_id}` | Update a task | ✅ Yes |
| DELETE | `/tasks/{task_id}` | Delete a task | ✅ Yes |

```
POST /auth/register
```

Body:

```json
{
  "username": "testuser",
  "password": "password123",
  "phone": "123456789",
  "email": "testuser@example.com"
}
```

Response:

```json
{
  "message": "User registered successfully",
  "userId": "some_id",
  "role": "user"
}
```

```
POST /auth/login
```

Body:

```json
{
  "username": "testuser",
  "password": "password123"
}
```

Response:

```json
{
  "message": "Login successful",
  "token": "your_jwt_token",
  "role": "user"
}
```

```
POST /auth/request-reset
```

Body:

```json
{
  "email": "testuser@example.com"
}
```

Response:

```json
{
  "message": "Reset email sent"
}
```

```
POST /auth/reset-password?token=your_reset_token
```

Body:

```json
{
  "newPassword": "newSecurePassword"
}
```

Response:

```json
{
  "message": "Password reset successful"
}
```

```
POST /tasks
Authorization: Bearer your_jwt_token
```

Body:

```json
{
  "task": "Complete coding project",
  "priority": 1,
  "completed": false
}
```

Response:

```json
{
  "message": "Task created successfully!",
  "taskId": "some_id"
}
```

```
GET /tasks
Authorization: Bearer your_jwt_token
```

Response:

```json
[
  {
    "title": "Complete coding project",
    "completed": false,
    "priority": 1
  }
]
```

```
PATCH /tasks/{task_id}
Authorization: Bearer your_jwt_token
```

Body:

```json
{
  "completed": true
}
```

Response:

```json
{
  "message": "Task updated successfully!"
}
```

```
DELETE /tasks/{task_id}
Authorization: Bearer your_jwt_token
```

Response:

```json
{
  "message": "Task deleted successfully!"
}
```

| Endpoint | Max Requests | Time Window |
|---|---|---|
| `/auth/*` | 30 | 15 minutes |
| `/tasks/*` | 60 | 1 minute |

If the limit is exceeded, the response will be:

```json
{
  "error": "Too many requests, please try again later"
}
```

- All logs are stored in `logs/` folder.
  - `combined.log` → Tracks API requests & activities.
  - `error.log` → Stores errors & failures.

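
The rate limits listed earlier (30 requests per 15 minutes on `/auth/*`, 60 per minute on `/tasks/*`) can be enforced with a sliding-window limiter like the one below. This is an added example, not the project's own code: keying by client IP, the Express-style middleware signature, the HTTP 429 status with a `Retry-After` header, and the names `LIMITS`, `createLimiter` and `check` are assumptions.

```javascript
// Added example, not the project's code. Limits and the error body come from
// the README; client-IP keying, 429 and Retry-After are assumptions.
const LIMITS = [
  { prefix: '/auth/', max: 30, windowMs: 15 * 60 * 1000 },
  { prefix: '/tasks', max: 60, windowMs: 60 * 1000 },
];

function createLimiter(now = Date.now) {
  const hits = new Map(); // "client|prefix" -> timestamps of accepted requests

  // Decide one request; returns { allowed, retryAfterSec }.
  function check(clientId, path) {
    const rule = LIMITS.find((r) => path.startsWith(r.prefix));
    if (!rule) return { allowed: true, retryAfterSec: 0 };
    const key = `${clientId}|${rule.prefix}`;
    const t = now();
    // Sliding window: keep only timestamps still inside the window.
    const recent = (hits.get(key) || []).filter((ts) => t - ts < rule.windowMs);
    if (recent.length >= rule.max) {
      hits.set(key, recent);
      // Seconds until the oldest accepted request leaves the window.
      const retryAfterSec = Math.ceil((recent[0] + rule.windowMs - t) / 1000);
      return { allowed: false, retryAfterSec };
    }
    recent.push(t);
    hits.set(key, recent);
    return { allowed: true, retryAfterSec: 0 };
  }

  // Express-style middleware (assumed framework) wrapping check().
  function middleware(req, res, next) {
    const verdict = check(req.ip, req.path);
    if (verdict.allowed) return next();
    res.set('Retry-After', String(verdict.retryAfterSec));
    res.status(429).json({ error: 'Too many requests, please try again later' });
  }

  return { check, middleware };
}
```

Rejected requests are not counted toward the window, so a client that keeps retrying while blocked does not extend its own lockout. Behind a reverse proxy, `req.ip` is only meaningful if the framework is configured to trust the proxy's forwarded address.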
- Node.js
- MongoDB
- bcryptjs (for password hashing)
- jsonwebtoken (for authentication)
- nodemailer (for password reset emails)
- winston (for logging)
- Rate Limiting Middleware (Prevents excessive requests)
- MongoDB Indexing (Improves query performance)
- Error Handling Middleware (Ensures stability)
The next step is to build the frontend for this application to provide a user-friendly interface.
Feel free to fork and submit issues!
Created with LineDev by DalaScript 💻