Backend API for APIIC (AIIMS Patna Incubation Center) Management System built with Node.js, Express, MongoDB, and Joi validation.
- Authentication & Authorization: JWT-based authentication with role-based access control
- Pre-Incubation Applications: Complete CRUD operations for pre-incubation applications
- Incubation Applications: Complete CRUD operations for incubation applications
- Data Validation: Comprehensive validation using Joi
- Security: Helmet, CORS, rate limiting, and input sanitization
- Database: MongoDB with Mongoose ODM
- API Documentation: RESTful API with clear endpoints
- Node.js (>= 16.0.0)
- MongoDB (>= 4.4)
- npm or yarn

- Clone the repository

      git clone <repository-url>
      cd backend

- Install dependencies

      npm install

- Environment Setup

      cp env.example .env

  Update the .env file with your configuration:

      PORT=5000
      NODE_ENV=development
      MONGODB_URI=mongodb://localhost:27017/apiic
      JWT_SECRET=your-super-secret-jwt-key-here
      JWT_EXPIRE=7d
      CORS_ORIGIN=http://localhost:3000

- Start the server

      # Development
      npm run dev

      # Production
      npm start

- POST /api/auth/register - Register a new user
- POST /api/auth/login - Login user
- GET /api/auth/me - Get current user
- PUT /api/auth/profile - Update user profile
- PUT /api/auth/password - Update password

- POST /api/pre-incubation - Create pre-incubation application
- GET /api/pre-incubation - Get all applications (with filtering & pagination)
- GET /api/pre-incubation/:id - Get single application
- PUT /api/pre-incubation/:id - Update application
- DELETE /api/pre-incubation/:id - Delete application (Admin only)
- GET /api/pre-incubation/stats/overview - Get statistics

- POST /api/incubation - Create incubation application
- GET /api/incubation - Get all applications (with filtering & pagination)
- GET /api/incubation/:id - Get single application
- PUT /api/incubation/:id - Update application
- DELETE /api/incubation/:id - Delete application (Admin only)
- GET /api/incubation/stats/overview - Get statistics

- GET /health - Server health check
- GET / - API information

All protected routes require a JWT token in the Authorization header:

    Authorization: Bearer <your-jwt-token>

- admin: Full access to all operations
- reviewer: Can view and update applications
- applicant: Can create and view their own applications
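
An added example (not code from this repository) of the two checks described above: validating the Bearer token, then applying the three roles, including the "own applications" restriction for applicants. It assumes HS256 tokens signed with JWT_SECRET and hypothetical claim and field names (`id`, `role`, `exp`, `owner`), and uses only Node's built-in crypto module.

```javascript
// Added example: function names, claims and fields are assumptions, not the project's code.
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hmac = (data, secret) => createHmac('sha256', secret).update(data).digest();

// Sign an HS256 token (only needed here to build constructed sample tokens).
function signToken(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Returns the claims, or null if the header, signature, algorithm or expiry is invalid.
function verifyBearer(authorizationHeader, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const m = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(authorizationHeader || '');
  if (!m) return null;
  const [, head, body, sig] = m;
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  // Constant-time comparison; lengths must match before timingSafeEqual is called.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    const header = JSON.parse(Buffer.from(head, 'base64url').toString());
    const claims = JSON.parse(Buffer.from(body, 'base64url').toString());
    if (header.alg !== 'HS256') return null; // pin the algorithm
    if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return null;
    return claims;
  } catch { return null; }
}

// Role rules from the list above; applicants are additionally checked for ownership.
function canAccess(user, action, application) {
  if (!user) return false;
  if (user.role === 'admin') return true;
  if (user.role === 'reviewer') return action === 'view' || action === 'update';
  if (user.role === 'applicant') {
    if (action === 'create') return true;
    return action === 'view' && !!application && application.owner === user.id;
  }
  return false; // unknown role: deny by default
}
```

In an Express route, the claims returned by `verifyBearer` would be passed to `canAccess` together with the application document loaded for `:id`, so that an applicant's request for another user's application is rejected.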
- Basic user information with authentication
- Role-based access control
- Password hashing with bcrypt
- Complete pre-incubation application data
- Team members and shareholders
- Business and technical details
- Application status tracking
- Complete incubation application data
- Innovation and business details
- Team and IP information
- Compliance and financial data
- Helmet: Security headers
- CORS: Cross-origin resource sharing
- Rate Limiting: Prevent abuse
- Input Validation: Joi schema validation
- Password Hashing: bcrypt with salt
- JWT Authentication: Secure token-based auth
All input data is validated using Joi schemas:
- Required field validation
- Data type validation
- Length and format validation
- Custom business rules
Consistent error responses with:
- HTTP status codes
- Success/failure indicators
- Detailed error messages
- Development stack traces (in dev mode)
- Database indexing for faster queries
- Pagination for large datasets
- Compression middleware
- Query optimization

    npm test

- npm start - Start production server
- npm run dev - Start development server with nodemon
- npm test - Run tests

Environment variables in .env:
- PORT - Server port (default: 5000)
- MONGODB_URI - MongoDB connection string
- JWT_SECRET - JWT signing secret
- JWT_EXPIRE - JWT expiration time
- CORS_ORIGIN - Allowed CORS origin
- NODE_ENV - Environment (development/production)

MIT License - see LICENSE file for details.
- Fork the repository
- Create a feature branch
- Commit your changes
- Push to the branch
- Create a Pull Request
For support and questions, please contact the APIIC development team.