Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/srikanth-kandi/edulab-tms
Task Management System with Secure Authentication
https://github.com/srikanth-kandi/edulab-tms
Last synced: 27 days ago
JSON representation
Task Management System with Secure Authentication
- Host: GitHub
- URL: https://github.com/srikanth-kandi/edulab-tms
- Owner: srikanth-kandi
- Created: 2024-08-24T09:50:32.000Z (5 months ago)
- Default Branch: main
- Last Pushed: 2024-08-26T01:40:29.000Z (5 months ago)
- Last Synced: 2024-11-04T00:25:35.818Z (2 months ago)
- Language: JavaScript
- Homepage: https://tms.srikanthkandi.me
- Size: 51.8 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Task Management System (TMS)
A comprehensive Task Management System API built with Node.js, Express, TypeORM, and PostgreSQL, designed to manage tasks and user organizations with varying levels of access and permissions.
## Table of Contents
- [Installation](#installation)
- [Setup](#setup)
- [Starting the Application](#starting-the-application)
- [API Documentation](#api-documentation)
- [Authentication](#authentication)
- [User Management](#user-management)
- [Organization Management](#organization-management)
- [Task Management](#task-management)
- [Admin vs. User Permissions](#admin-vs-user-permissions)
- [Troubleshooting](#troubleshooting)
## Installation
1. Clone the repository
```bash
git clone https://github.com/srikanth-kandi/edulab-tms
cd edulab-tms
```
2. Install dependencies
```bash
npm install
```
## Setup
1. Create a `.env` file in the root directory of the project
```makefile
DB_HOST=your_database_host
DB_USERNAME=your_database_username
DB_PASSWORD=your_database_password
DB_NAME=your_database_name
JWT_SECRET=your_jwt_secret_key
```
2. Run database migrations to set up the database schema
```bash
npm run migration:run
```
## Starting the Application
```bash
npm start
```
## API Documentation
### Authentication
1. Register a new user
- URL: [`/register`](https://tms.srikanthkandi.me/register)
- Method: `POST`
- Request Body:
Use either `orgName` or `existingOrgId` but not both. Username needs to unique across the users irrespective of the organization. Password should be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
```json
{
"username": "string",
"password": "string",
"orgName": "string", // Optional, use if you want to create a new organization
"existingOrgId": 0 // Optional, use if you want to join an existing organization
}
```
- Response: If `orgName` is provided, a new organization will be created and role will be set to "admin". If `existingOrgId` is provided, the user will be added to the existing organization and role will be set to "user".
```json
{
"message": "User registered successfully",
"user": {
"username": "string",
"password": "hashedPassword",
"role": "string", // "user" or "admin"
"organization": {
"id": 0,
"name": "orgName",
"createdAt": "timestamp"
},
"id": 0
}
}
```
2. Login
- URL: [`/login`](https://tms.srikanthkandi.me/login)
- Method: `POST`
- Request Body:
```json
{
"username": "string",
"password": "string"
}
```
- Response: Will check validations like username and password are required, user exists, and password is correct. If all validations pass, a JWT token will be generated and will be valid for 1 hour.
```json
{
"token": "jwt_token"
}
```
### User Management
1. Create user
- URL: [`/users`](https://tms.srikanthkandi.me/users)
- Method: `POST`
- Headers:
```yaml
Authorization: Bearer
```
- Request Body: Only admin users can create new users. Password should be at least 8 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.
```json
{
"username": "string",
"password": "string",
"role": "string" // "user" or "admin"
}
```
- Response:
```json
{
"id": 0,
"username": "string",
"role": "string" // "user" or "admin"
}
```
2. Get all users
- URL: [`/users`](https://tms.srikanthkandi.me/users)
- Method: `GET`
- Headers:
```yaml
Authorization: Bearer
```
- Response: Only users in the current organization will be returned for both "admin" and "user" roles.
```json
[
{
"id": 0,
"username": "string",
"password": "hashedPassword",
"role": "string" // "user" or "admin"
}
]
```
3. Get user by ID
- URL: [`/users/:id`](https://tms.srikanthkandi.me/users/:id)
- Method: `GET`
- Headers:
```yaml
Authorization: Bearer
```
- Response: Only users in the current organization will be returned for both "admin" and "user" roles.
```json
{
"id": 0,
"username": "string",
"role": "string", // "user" or "admin"
"orgId": 0,
"orgName": "string"
}
```
4. Update user
- URL: [`/users`](https://tms.srikanthkandi.me/users)
- Method: `PUT`
- Headers:
```yaml
Authorization: Bearer
```
- Request Body: admin users can update other users in same organization. If there is only one admin user in the organization and the user is trying to change to user role, it will throw an error.
```json
{
"id": 0,
"username": "string",
"password": "string",
"role": "string" // "user" or "admin"
}
```
- Response:
```json
{
"id": 0,
"username": "string",
"role": "string" // "user" or "admin"
}
```
5. Delete user
- URL: [`/users/:id`](https://tms.srikanthkandi.me/users/:id)
- Method: `DELETE`
- Headers:
```yaml
Authorization: Bearer
```
- Response: If the deleting user is the only admin user in the organization, it will throw an error.
```json
{
"message": "User deleted"
}
```
### Organization Management
1. Update organization
- URL: [`/organizations`](https://tms.srikanthkandi.me/organizations)
- Method: `PUT`
- Headers:
```yaml
Authorization: Bearer
```
- Request Body: Only admins of the organization can update the organization name.
```json
{
"name": "new-org-name"
}
```
- Response:
```json
{
"id": 0,
"name": "new-org-name"
}
```
### Task Management
1. Get all tasks
- URL: [`/tasks`](https://tms.srikanthkandi.me/tasks)
- Method: `GET`
- Headers:
```yaml
Authorization: Bearer
```
- Response: when admin user is logged in, all user's tasks of the organization will be returned. when user is logged in, only their tasks will be returned.
```json
[
{
"id": 0,
"title": "string",
"description": "string",
"status": "string", // "pending", "in-progress", "completed"
"userId": 0
}
]
```
2. Get task by ID
- URL: [`/tasks/:id`](https://tms.srikanthkandi.me/tasks/:id)
- Method: `GET`
- Headers:
```yaml
Authorization: Bearer
```
- Response: admin user can get any task in the organization. user can get only their tasks.
```json
{
"id": 0,
"title": "string",
"description": "string",
"status": "string", // "pending", "in-progress", "completed"
"userId": 0
}
```
3. Create task
- URL: [`/tasks`](https://tms.srikanthkandi.me/tasks)
- Method: `POST`
- Headers:
```yaml
Authorization: Bearer
```
- Request Body: when the admin user want to create to task for other user in their organization, `adminReqUserId` should be provided.
```json
{
"title": "string",
"description": "string",
"status": "string", // "pending", "in-progress", "completed"
"adminReqUserId": 0 // optional, only admin users can create tasks for other users
}
```
- Response:
```json
{
"id": 0,
"title": "string",
"description": "string",
"status": "string" // "pending", "in-progress", "completed"
}
```
4. Update task
- URL: [`/tasks`](https://tms.srikanthkandi.me/tasks)
- Method: `PUT`
- Headers:
```yaml
Authorization: Bearer
```
- Request Body: admins can update any task in the organization. users can update only their tasks.
```json
{
"id": 0,
"title": "string",
"description": "string",
"status": "string" // "pending", "in-progress", "completed"
}
```
- Response:
```json
{
"id": 0,
"title": "string",
"description": "string",
"status": "string" // "pending", "in-progress", "completed"
}
```
5. Delete task
- URL: [`/tasks/:id`](https://tms.srikanthkandi.me/tasks/:id)
- Method: `DELETE`
- Headers:
```yaml
Authorization: Bearer
```
- Response: admins can delete any task in the organization. users can delete only their tasks.
```json
{
"message": "Task deleted successfully"
}
```
## Admin vs. User Permissions
| Endpoint | Method | Admin Access | User Access |
| -------------------------------------------------------------- | ---------- | ------------ | ----------- |
| [`/register`](https://tms.srikanthkandi.me/register) | **POST** | ✔️ | ✔️ |
| [`/login`](https://tms.srikanthkandi.me/login) | **POST** | ✔️ | ✔️ |
| [`/users`](https://tms.srikanthkandi.me/users) | **POST** | ✔️ | ❌ |
| [`/users`](https://tms.srikanthkandi.me/users) | **GET** | ✔️ | ✔️ |
| [`/users/:id`](https://tms.srikanthkandi.me/users/:id) | **GET** | ✔️ | ✔️ |
| [`/users`](https://tms.srikanthkandi.me/users) | **PUT** | ✔️ | ✔️ (self) |
| [`/users/:id`](https://tms.srikanthkandi.me/users/:id) | **DELETE** | ✔️ | ✔️ (self) |
| [`/organizations`](https://tms.srikanthkandi.me/organizations) | **PUT** | ✔️ | ❌ |
| [`/tasks`](https://tms.srikanthkandi.me/tasks) | **GET** | ✔️ | ✔️ (self) |
| [`/tasks/:id`](https://tms.srikanthkandi.me/tasks/:id) | **GET** | ✔️ | ✔️ (self) |
| [`/tasks`](https://tms.srikanthkandi.me/tasks) | **POST** | ✔️ | ✔️ |
| [`/tasks`](https://tms.srikanthkandi.me/tasks) | **PUT** | ✔️ | ✔️ (self) |
| [`/tasks/:id`](https://tms.srikanthkandi.me/tasks/:id) | **DELETE** | ✔️ | ✔️ (self) |
## Troubleshooting
- **Database Connection Issues**: Ensure your `.env` file has the correct database credentials and your PostgreSQL server is running.
- **JWT Secret Errors**: Make sure your .env file contains a valid JWT_SECRET.
- **Permission Denied**: Double-check that your user roles are correctly assigned and that you are passing the correct JWT tokens in the headers.