A full-stack task management application with JWT-based authentication, role-based access control (RBAC), protected REST APIs, and a React frontend. Built with Node.js, Express, MongoDB, and Swagger for API documentation.


Eepsita12/secureauth-task-manager


SecureAuth – Task Management System

This is a full-stack task management application with JWT-based authentication, role-based access control (RBAC), and protected REST APIs.

The backend is the primary focus, implementing real-world security and authorization patterns, while the frontend provides a simple UI to interact with the APIs.


Features

Authentication & Authorization

  • User registration and login
  • Password hashing using bcrypt
  • JWT-based authentication
  • Role-Based Access Control (User vs Admin)

Task Management

  • Create, read, update, and delete tasks
  • Users can access only their own tasks
  • Admins can access and manage all users’ tasks

API & Backend

  • RESTful API design
  • Protected routes using middleware
  • Centralized error handling
  • Input validation
  • API versioning (/api/v1)
  • Swagger UI for API documentation

Frontend

  • React-based UI
  • User registration & login
  • Protected dashboard (JWT required)
  • Task CRUD operations
  • Admin dashboard for managing all tasks

Tech Stack

Backend

  • Node.js
  • Express.js
  • MongoDB & Mongoose
  • JWT (jsonwebtoken)
  • bcryptjs
  • Swagger (OpenAPI)

Frontend

  • React.js
  • Vite
  • Axios
  • CSS

Project Structure

secureauth-task-manager/
├── backend/
│   ├── src/
│   │   ├── config/
│   │   ├── controllers/
│   │   ├── middleware/
│   │   ├── models/
│   │   ├── routes/
│   │   ├── utils/
│   │   └── app.js
│   ├── server.js
│   ├── .env.example
│   └── .gitignore
├── frontend/
│   ├── .gitignore
│   └── src/
│       ├── api/
│       ├── pages/
│       ├── components/
│       └── App.jsx
├── .gitignore
├── package.json
├── package-lock.json
└── README.md

Environment Variables

Backend (backend/.env.example)

PORT=5000
MONGO_URI=your_mongodb_connection_string
JWT_SECRET=your_jwt_secret

.env files are ignored by Git. Refer to .env.example for setup.


How to Run the Project

1. Clone the Repository

git clone https://github.com/<your-username>/secureauth-task-manager.git
cd secureauth-task-manager

2. Run Backend

cd backend
npm install
npm run dev

Backend runs on:

http://localhost:5000

3. Run Frontend

cd frontend
npm install
npm run dev

Frontend runs on:

http://localhost:5173

API Documentation (Swagger)

This project uses Swagger UI for API documentation and testing.

Once the backend server is running, open the following URL in your browser:

http://localhost:5000/api-docs

Swagger allows you to:

  • Explore all available API endpoints
  • View request and response schemas
  • Authenticate using JWT via the Authorize button
  • Test protected routes directly from the UI

Role-Based Access Control (RBAC)

Role  | Permissions
User  | Manage only own tasks
Admin | Manage all tasks across users

Admin role is determined by the role field in the user document.
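
The ownership and role checks from the table above, sketched as Express-style middleware. This is an added example, not code from the repository: the field names `owner` and `role`, the `req.user` object (assumed to be populated by the JWT middleware from the user document), the `/tasks/:id` route and the in-memory task list are all assumptions.

```javascript
// Added example. Assumed names (not from the repository): owner, role, req.user,
// the /tasks/:id route and the in-memory store.

// Constructed sample data standing in for the MongoDB tasks collection.
const tasks = [
  { _id: 't1', owner: 'u1', title: 'Write report' },
  { _id: 't2', owner: 'u2', title: 'Rotate keys' },
];

// Build the query filter from the authenticated user, never from client input.
// Admins keep the filter as given; everyone else has `owner` overwritten with
// their own id, so a client-supplied owner value cannot widen the query.
function scopeFilter(user, extra = {}) {
  return user.role === 'admin' ? { ...extra } : { ...extra, owner: user.id };
}

// Minimal equality matcher so the example runs without MongoDB.
function find(filter) {
  return tasks.filter((t) => Object.entries(filter).every(([k, v]) => t[k] === v));
}

// Express-style middleware: reject requests whose user lacks the required role.
function requireRole(role) {
  return (req, res, next) =>
    req.user && req.user.role === role ? next() : res.status(403).json({ error: 'Forbidden' });
}

// Express-style handler for a hypothetical GET /api/v1/tasks/:id.
// A task owned by someone else is answered with 404, the same as a missing
// task, so the response does not reveal which task ids exist.
function getTask(req, res) {
  const [task] = find(scopeFilter(req.user, { _id: req.params.id }));
  return task ? res.status(200).json(task) : res.status(404).json({ error: 'Not found' });
}

// Stand-in for Express's res object, used only to exercise the handlers.
function fakeRes() {
  return {
    code: null,
    body: null,
    status(c) { this.code = c; return this; },
    json(b) { this.body = b; return this; },
  };
}
```

Scoping the database filter, rather than fetching the task and comparing owners afterwards, keeps the ownership rule in one place for read, update and delete handlers alike.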


What This Project Demonstrates

  • Secure backend API design
  • Real-world JWT authentication flow
  • Authorization vs authentication
  • Ownership-based access control
  • Clean project structuring
  • Full-stack integration
  • Scalable and extensible backend architecture

Author

Eepsita Modi
Backend / Full Stack Developer
GitHub: https://github.com/Eepsita12


Thank You!
