A RESTful API built with Express.js and MongoDB that provides todo management with user authentication and authorization.
- User authentication using JWT
- Role-based authorization (Admin/User)
- Todo CRUD operations
- User management (Admin only)
- API documentation with Swagger
- MongoDB integration
- Error handling
- Input validation
Before running this project, make sure you have:
- Node.js (v14 or higher)
- MongoDB installed and running
- npm or yarn package manager
git clone https://github.com/PdskDev/nodejs-express-api-todo-with-jwt.git
cd todo-api
npm install
npm run dev
npm run start
The server will start on http://localhost:3000 (or the PORT specified in your .env file)
Swagger documentation is available at: http://localhost:3000/api-docs
POST /users/register - Register a new user
POST /users/login - Login user
- GET /users - Get all users
- POST /users - Create a new user
- PUT /users/:id - Update a user
- DELETE /users/:id - Delete a user
- GET /todos - Get all todos (Admin: all todos, User: own todos)
- POST /todos - Create a new todo
- GET /todos/:id - Get a specific todo
- PUT /todos/:id - Update a todo
- DELETE /todos/:id - Delete a todo
├── controllers/
│ ├── todoController.js
│ └── userController.js
├── routes/
│ ├── todoRoutes.js
│ └── userRoutes.js
├── models/
│ ├── todo.js
│ └── user.js
├── middleware/
│ └── auth.js
├── swagger.js
├── index.js
└── .env
The API uses JWT (JSON Web Tokens) for authentication. To access protected endpoints:
- Get a token by logging in
- Include the token in the Authorization header:
Authorization: Bearer <your_token_here>
- name: String (required)
- email: String (required, unique)
- password: String (required)
- role: String (enum: 'user', 'admin')
- isActive: Boolean
- title: String (required)
- description: String (required)
- completed: Boolean
- user: Reference to User model
The API includes comprehensive error handling for:
- Validation errors
- Authentication errors
- Authorization errors
- Not found errors
- Server errors
Available Scripts
npm start - Run the application
npm run dev - Run the application with nodemon for development
- Password hashing using bcryptjs
- JWT token authentication
- Role-based access control
- Request validation
- Protected routes
- Environment variables for sensitive data
- Fork the repository
- Create your feature branch ( git checkout -b feature/amazing-feature)
- Commit your changes ( git commit -m 'Add some amazing feature')
- Push to the branch ( git push origin feature/amazing-feature)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details
- Node.js
- Express.js
- MongoDB
- Mongoose
- Swagger UI